SecuriTeam recently ran a Code Cruncher competition. The idea was to create the smallest possible Windows executable file that could download an arbitrary file from the Code Cruncher site.
While the final results are not in yet, one entry at 210 bytes (including the length of the URL) looks set to be the winner. Why? Because it executes entirely from within the PE header. That's right - there is no code outside of the file header, only strings, such as the URL. Even more amazing, those strings are encrypted. The decryptor fits into the PE header, along with the downloader code.
Here's a sanitized version of it (the relevant code and URL have been replaced):
Malware that can travel in one network packet,...