Internal WinAPI delay import

ID PE088 Level ERROR Category System

Description

The executable delay imports a Windows function which is internal to the operating system and is not recommended for use.

Mitigation

  • Do not use internal WinAPI functions, as they may be removed or altered in the future Windows releases. Follow the Microsoft-suggested mitigation which would be provided by Binary Valentine.

Arguments

This rule has the following output arguments:

  • dll - DLL name
  • api - WinAPI function
  • mitigation - Microsoft-suggested mitigation