This study proposes an efficient construction of a morphological malware detector that is a detector which associates syntactic and semantic analysis. The detection strategy is based on control flow graphs of programs (CFG). Our construction employs tree automata techniques; this provides an efficient representation of the CFG database. Next, we deal with classic mutations using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.