Forensics
Registry Path (HKEY_LOCAL_MACHINE\SOFTWARE) | Sample Value |
\Policies\Citrix\<session #>\Evidence\ClientName | DESKTOP-1ABC2DE3 |
\Policies\Citrix\<session #>\Evidence\ClientIP | 10.0.2.15 |
\Policies\Citrix\<session #>\Evidence\BrokeringUserSid | UserSid |
\WOW6432Node\Policies\Citrix\<session #>\Events\LastUpdate | 2023-10-10 12:00:00Z |
\WOW6432Node\Policies\Citrix\<session #>\Evidence\ClientName | DESKTOP-1ABC2DE3 |
Last updated