Threat Actors may attempt to make a payload difficult to analyze by removing symbols, strings, and other human readable information. Scripts and executables may contain variables names and other strings that help developers document code functionality. Symbols are often created by an operating system’s linkerwhen executable payloads are compiled. Reverse engineers use these symbols and strings to analyze code and to identify functionality in payloads.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.