Binary Padding - MacOS (95361ce5-c891-4b0a-87ca-e24607884a96)

Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This rule detects the use of dd and truncate to add junk data to a file.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Binary Padding - MacOS (95361ce5-c891-4b0a-87ca-e24607884a96) | Sigma-Rules | Binary Padding - T1027.001 (5bfccc3f-2326-4112-86cc-c1ece9d8a2b5) | Attack Pattern | 1 |
| Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) | Attack Pattern | Binary Padding - T1027.001 (5bfccc3f-2326-4112-86cc-c1ece9d8a2b5) | Attack Pattern | 2 |