Skip to content

send HTTP request #1093

New issue
New issue
Open
Open
send HTTP request#1093
Labels
false positiveFalse positive rule hit
@mike-hunhoff

Description

@mike-hunhoff
mike-hunhoff
opened on Dec 4, 2025

file: https://www.virustotal.com/gui/file/18fccc911770c26135feb4837cc40920c798c57bc062cbdfb29641a891720938

Function Address Capability Verdict (TP/FP) Evidence & Reasoning Suggested Fix
0x409052 send HTTP request ❌ FP The function constructs and sends strings like HTTP/1.0 404 Host Not Found and HTTP/1.0 400 Malformed Request. This indicates the malware is acting as an HTTP Server sending a Response, not a Client sending a Request. Inspect buffer for HTTP Method verbs (GET, POST) for requests, distinct from Status Codes (404, 200) for responses.

Metadata

Metadata

Assignees

No one assigned

    Labels

    false positiveFalse positive rule hit

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions