Summary
Android app analysis helps a forensic investigator to look for valuable data in relevant locations on a device. Reverse engineering Android apps is the process of retrieving source code from an APK file. Using certain tools, such as dex2jar
, Android apps can be reverse engineered in order to understand their functionality and data storage, identify malware, and more. Identifying malware present on a device is crucial, as it may affect the outcome of an investigation. Tools such as UFED Physical Analyzer come with BitDefender software, which can automatically scan for malware. The next chapter covers performing forensics on Windows Phone devices.