Ultraviewer Logs
Overview
Section titled “Overview”Evidence: Ultraviewer Logs
Description: Collect Ultraviewer Logs
Category: Applications
Platform: windows
Short Name: ltrl
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Section titled “Background”UltraViewer is a remote desktop application that stores logs, configuration data, and chat logs. The software has been observed in tech support scams and unauthorized remote access incidents.
Data Collected
Section titled “Data Collected”This collector gathers structured data about ultraviewer logs.
Collection Method
Section titled “Collection Method”This collector gathers UltraViewer application data, log files, text files, and chat logs from installation and user profile directories.
Forensic Value
Section titled “Forensic Value”UltraViewer artifacts are valuable for investigating tech support scams, unauthorized remote access, and social engineering attacks. Chat logs can reveal conversations between attackers and victims, and logs show remote session details.