Insecure WinAPI delay import

ID PE087 Level ERROR Category Security

Description

The executable delay imports a Windows function which is considered insecure by Microsoft.

Mitigation

  • Do not use insecure WinAPI functions. Follow the Microsoft-suggested mitigation which would be provided by Binary Valentine.

Arguments

This rule has the following output arguments:

  • dll - DLL name
  • api - WinAPI function
  • mitigation - Microsoft-suggested mitigation