Ultraviewer Logs

Overview

Evidence: Ultraviewer Logs Description: Collect Ultraviewer Logs Category: Applications Platform: windows Short Name: ltrl Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

UltraViewer is a remote desktop application that stores logs, configuration data, and chat logs. The software has been observed in tech support scams and unauthorized remote access incidents.

Data Collected

This collector gathers structured data about ultraviewer logs.

Collection Method

This collector gathers UltraViewer application data, log files, text files, and chat logs from installation and user profile directories.

Forensic Value

UltraViewer artifacts are valuable for investigating tech support scams, unauthorized remote access, and social engineering attacks. Chat logs can reveal conversations between attackers and victims, and logs show remote session details.