From 862a933fa3ca4af4155efafda462c8d77a822c18 Mon Sep 17 00:00:00 2001
From: Teoderick Contreras
Date: Wed, 8 Oct 2025 08:35:34 +0200
Subject: [PATCH] private_profile
---
.../reg_profiles_private2/reg_profiles_private2.log | 3 +++
.../reg_profiles_private2/reg_profiles_private2.yml | 13 +++++++++++++
2 files changed, 16 insertions(+)
create mode 100644 datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.log
create mode 100644 datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.yml
diff --git a/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.log b/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.log
new file mode 100644
index 00000000..4bd1d825
--- /dev/null
+++ b/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6556ab4d3665ac2ffa87f5db2347b95de9e118e610a0d873b9f530a0b36b41b9
+size 4542
diff --git a/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.yml b/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.yml
new file mode 100644
index 00000000..65e54cab
--- /dev/null
+++ b/datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: d6e44c10-a410-11f0-8c8b-629be353806a
+date: '2025-10-08'
+description: Generated datasets for reg profiles private2 in attack range.
+environment: attack_range
+directory: reg_profiles_private
+mitre_technique:
+- T1112
+datasets:
+- name: reg_profiles_private2.log
+ path: /datasets/attack_techniques/T1112/reg_profiles_private2/reg_profiles_private2.log
+ sourcetype: 'XmlWinEventLog'
+ source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
\ No newline at end of file
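Review bot: In reg_profiles_private2.yml the `directory: reg_profiles_private` value does not match the folder this commit creates (`reg_profiles_private2`, as used in `path` and in the dataset `name`); unless the shorter value is deliberate, it should read `directory: reg_profiles_private2` so tooling that resolves datasets by directory finds this one and not a sibling. The `description` is also generic: it names neither the registry key or value that was modified nor the Sysmon event types the log holds, which is what an analyst mapping this T1112 sample to a detection needs to know before replaying it. Consider stating the simulated registry change and the relevant events there. The file also ends without a trailing newline.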