From 2d9087901d382ffdaba6efd15d26d35d5c2ea4fe Mon Sep 17 00:00:00 2001
From: lazarg <64415821+gbL2k@users.noreply.github.com>
Date: Thu, 19 Dec 2024 01:39:58 +0100
Subject: [PATCH] Update T1082.yaml (#3015)

Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
---
 atomics/T1082/T1082.yaml | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/atomics/T1082/T1082.yaml b/atomics/T1082/T1082.yaml
index 80ad611f..f17e3141 100644
--- a/atomics/T1082/T1082.yaml
+++ b/atomics/T1082/T1082.yaml
@@ -578,4 +578,26 @@ atomic_tests:
   executor:
     name: command_prompt
     command: |
-      powershell.exe -c "gdr -PSProvider 'FileSystem'"
\ No newline at end of file
+      powershell.exe -c "gdr -PSProvider 'FileSystem'"
+- name: Discover OS Product Name via Registry
+  description: |
+    Identify the Operating System Product Name via registry with the reg.exe command.
+    Upon execution, the OS Product Name will be displayed.
+  supported_platforms:
+    - windows
+  executor:
+    command: |
+      reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ProductName
+    name: command_prompt
+    elevation_required: false
+- name: Discover OS Build Number via Registry
+  description: |
+    Identify the Operating System Build Number via registry with the reg.exe command.
+    Upon execution, the OS Build Number will be displayed.
+  supported_platforms:
+    - windows
+  executor:
+    command: |
+      reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentBuildNumber
+    name: command_prompt
+    elevation_required: false