UltraVNC Logs

Overview

Evidence: UltraVNC Logs Description: Collect UltraVNC Application Specific Log Files Category: Applications Platform: windows Short Name: ultravnclgs Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

UltraVNC is an open-source remote desktop application that logs connection events, authentication attempts, and session activities. It's commonly used for remote support and administration.

Data Collected

This collector gathers structured data about ultravnc logs.

Collection Method

This collector gathers UltraVNC log files from ProgramData directories containing connection and session information.

Forensic Value

UltraVNC logs help identify remote desktop sessions, authentication attempts, and connection patterns. They're valuable for investigating unauthorized remote access and lateral movement.