From 371af8bb6586bb95fbcd131a02c0e903dd685312 Mon Sep 17 00:00:00 2001
From: lazarg <64415821+gbL2k@users.noreply.github.com>
Date: Sat, 14 Dec 2024 17:14:02 +0100
Subject: [PATCH] Update T1082.yaml

---
 atomics/T1082/T1082.yaml | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/atomics/T1082/T1082.yaml b/atomics/T1082/T1082.yaml
index 80ad611f54..f17e31414b 100644
--- a/atomics/T1082/T1082.yaml
+++ b/atomics/T1082/T1082.yaml
@@ -578,4 +578,26 @@ atomic_tests:
   executor:
     name: command_prompt
     command: |
-      powershell.exe -c "gdr -PSProvider 'FileSystem'"
\ No newline at end of file
+      powershell.exe -c "gdr -PSProvider 'FileSystem'"
+- name: Discover OS Product Name via Registry
+  description: |
+    Identify the Operating System Product Name via registry with the reg.exe command.
+    Upon execution, the OS Product Name will be displayed.
+  supported_platforms:
+    - windows
+  executor:
+    command: |
+      reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ProductName
+    name: command_prompt
+    elevation_required: false
+- name: Discover OS Build Number via Registry
+  description: |
+    Identify the Operating System Build Number via registry with the reg.exe command.
+    Upon execution, the OS Build Number will be displayed.
+  supported_platforms:
+    - windows
+  executor:
+    command: |
+      reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentBuildNumber
+    name: command_prompt
+    elevation_required: false