System Disk And Volume Reconnaissance Via Wmic.EXE (c79da740-5030-45ec-a2e0-479e824a562c)
An adversary might use WMI to discover information about the system, such as the volume name, size,
free space, and other disk information. This can be done using the wmic
command-line utility and has been
observed being used by threat actors such as Volt Typhoon.