Potentially insecure WinAPI delay import

ID PE085 Level WARNING Category Security

Description

The executable delay imports a Windows function which may be insecure if used incorrectly.

Mitigation

  • Do not use potentially insecure WinAPI functions. Follow the Microsoft-suggested mitigation which would be provided by Binary Valentine.

Arguments

This rule has the following output arguments:

  • dll - DLL name
  • api - WinAPI function
  • mitigation - Microsoft-suggested mitigation