WhatsApp Business APK Forensic Investigation Data from Samsung Galaxy A54 5G

Published: 10 November 2023| Version 1 | DOI: 10.17632/wynp3yvycc.1
Contributor:
Tapan Jatakia

Description

Folder Descriptions: 1. Magnet_AXIOM-Acquire_Mobile_Agent --> The Screenshots of Magnet AXIOM Acquire Mobile Agent running on the mobile phone. 2. Magnet_AXIOM-Process --> The Screenshots of Magnet AXIOM Process acquiring Evidence from the mobile phone. 3. Magnet_AXIOM-Examine --> The Screenshots of Magnet AXIOM Examine displaying and visualizing the Evidence acquired from the mobile phone. 4. WhatsApp_Business_Data --> The Data related to "WhatsApp Business APK" acquired from the mobile phone. 5. WhatsApp_Business_APK --> The Android Application Package of WhatsApp Business that has been extracted from the mobile phone. 6. WhatsApp_Business_APK_Analysis --> The Screenshots of WhatsApp Business APK after Debugging on Android SDK.

Files

Steps to reproduce

2.2.1 Step 1: Creation of a Sandboxed Environment inside VMWare Workstation. Windows 10 Operating System is installed inside the VMWare Workstation. 2.2.2 Step 2: Downloading and Installation of Android SDK inside aforementioned virtual machine. 2.2.3 Step 3: Downloading and Installation of Magnet AXIOM inside the aforementioned virtual machine. 2.2.4 Step 4: Downloading and Installation of APK Extractor (com.ytheekshana.apkextractor) from Google Play Store on the device of Evidence Samsung Galaxy A54 5G. 2.2.5 Step 5: The Evidence is connected via USB Connector (Type-C to Type-A) to the laptop (Dell Inspiron 15 5567) and the USB Settings are configured. 2.2.6 Step 6: Extract the APK of WhatsApp Business from Evidence onto the Windows 10 virtual machine on the laptop. This APK is then Debug and the Android Manifest as well as code files are Analysed on Android Studio. 2.2.7 Step 7: The Windows Virtual Machine is configured to support the connection of USB Devices and the Magnet AXIOM Process is launched. 2.2.8 Step 8: The Magnet AXIOM Process tool is used to ADB (Unlocked) extract the entire data from the Evidence. 2.2.9 Step 9: The Magnet AXIOM Acquire Mobile/Endpoint Agent is automatically installed by the Magnet AXIOM Process on the mobile phone and Data is being Acquired via this Agent. 2.2.10 Step 10: The Magnet AXIOM Process completes the entire Data Acquisition and visualizes the Acquired Data in the Magnet AXIOM Examine tool. 2.2.11 Step 11: The analysed data is reported on this CA.

Institutions

National College of Ireland

Categories

Forensic Analysis, Digital Forensic Technique, Digital Forensic Tool, Disk Forensics, Forensic Examination, Theoretical Digital Forensic Research, Digital Forensic Seizure, Forensic Imaging, Forensic Autopsy, Forensic Identification

Funding

Er. Tapan Jatakia

https://linktr.ee/ertapanjatakia

Related Links

Software
https://www.magnetforensics.com/products/magnet-axiom
compiles this dataset
Software
https://developer.android.com/studio
compiles this dataset
Article
https://www.nist.gov/itl/ssd/software-quality-group/computer-forensics-tool-testing-program-cftt/cftt-technical/disk
is related to this dataset
Article
https://www.nist.gov/itl/ssd/software-quality-group/computer-forensics-tool-testing-program-cftt/federated-testing
is related to this dataset
Article
https://doi.org/10.1155/2021/5567592
is related to this dataset
Article
https://www.nist.gov/itl/ssd/software-quality-group/computer-forensics-tool-testing-program-cftt/cftt-technical/mobile
is related to this dataset

Licence