Are current antivirus programs able to detect complex metamorphic malware? An empirical evaluation. - Archive ouverte HAL
Conference Papers Year : 2009

Are current antivirus programs able to detect complex metamorphic malware? An empirical evaluation.

Jean-Marie Borello
  • Function : Author
Ludovic Mé
  • Function : Author
  • PersonId : 4609
  • IdHAL : lme
  • IdRef : 075014459

Abstract

In this paper, we present the design of a metamorphic engine representing a type of hurdle that antivirus systems need to get over in their fight against malware. First we describe the two steps of the engine replication process: obfuscation and modeling. Then, we apply this engine to a real worm to evaluate current antivirus products' detection capacities. This assessment leads to a classification of detection tools, based on their observable behavior, in two main categories: the first one, relying on static detection techniques, presents low detection rates obtained by heuristic analysis. The second one, composed of dynamic detection programs, focuses only on elementary suspicious actions. Consequently, no products appear to reliably detect the candidate malware after application of the metamorphic engine. Through this evaluation of antivirus products, we hope to help defenders understand and defend against the threat represented by this class of malware.

Dates and versions

hal-00441581 , version 1 (16-12-2009)

Identifiers

  • HAL Id : hal-00441581 , version 1

Cite

Jean-Marie Borello, Eric Filiol, Ludovic Mé. Are current antivirus programs able to detect complex metamorphic malware? An empirical evaluation. 18th EICAR Annual Conference, May 2009, France. 19 p. ⟨hal-00441581⟩