In the previous recipe, we uncovered a loop that's used for deobfuscating parts of our binary in order to evade signature detection. In this recipe, we'll pick up from where we left off and identify other loops serving the same purpose. This is only one technique that is used in polymorphic code, but so far it appears to have been effective against our simple signature detection script.