Whitepaper – Finding Important Artifacts in Recycle Bin(iOS/Android)

Recycle Bin can become an important clue to the case. It might provide the trace of a trial to hide or to conceal a clue. This whitepaper focuses on the research of deleted files from various types of apps in iOS and Android. It will help you to understand Recycle Bin, how the analyzed result varies by app, device, and OS environment. Acknowledge of recycle bin, you can go one step further to discover meaningful data!

 

 

Contents

 

  1. Introduction – What is Recycle Bin?
  2. Case Study – iOS(Save Path, Analysis result) – Apps: Photos, Notes, Voice Memos, Files
  3. Case Study – Android(Save Path, Analysis result) – Apps: Gallery, Voice Recorder, My Files, Contacts, Samsung notes, Messages
  1. Conclusion
  2. Appendix

Download Whitepaper – Recycle Bin(Preview version)

 

 

If you want to read the full version of the report, submit your inquiry!

New Product Introduction – Drone Forensic Solution, MD-DRONE

MD–DRONE is a forensic software for extracting and analyzing data from the various data source of UAV/Drone from global manufacturers such as DJI, Parrot, and PixHawk. Data can be extracted through an aircraft USB, network, SD card, Chip-off, and the extraction guide will be supported for each method. Flight log values, GPS-based drone flight history with multimedia data which is captured by drone aircraft can be analyzed. Analyzed results can be exported as reports in PDF format based on the bookmarked content.

 

Product Highlights

  • Diverse Drone extraction methods
  • Timeline analysis: flight history & multimedia
  • Flight detail data review
  • Accident analysis with AI for flight data
  • Multimedia analysis of Drone Camera
  • Bookmark and notification
  • Reporting and export of multimedia data
  • Supported Drone model list

If you want to learn detailed features of MD-DRONE, please send us your inquiry, our sales team will contact you!

 

Whitepaper – Data extraction and analysis of Samsung Secure Folder

Data extraction and analysis of Samsung Secure Folder

 

Secure Folder is a separate storage space within the device, protected by ‘Knox’—a security technology of Samsung.

By keeping sensitive data or personal contents and apps in Secure Folder, users can protect one’s personal data from being unintentionally exposed by external factors(e.g., attacks from malicious apps).

 

This whitepaper deals with data extraction and analysis of Samsung Secure Folder. Learn the extraction methods of Samsung Secure Folder which varies with the model, OS version, and security patch level by MD-NEXT. Find out how you can discover meaningful data from the analyzed result by MD-RED.

2021 Review – MD-Series Release Note Highlights

Go check how MD-Series got new and improved features in 2021.
If you want to read the full version of 2021 Release Note Highlights, download the PDF below!

 

MD-NEXT v1.89.13-v1.90.17

Supports 1,500 new models and updated 261 models. Supports 66 downgrade apps

 

MD-RED v3.7.23-v3.8.9

Supports 74 new apps and updated 190 apps (Android)

Supports 50 new apps and updated 141 apps (iOS)

 

MD-LIVE v3.3.20-v3.4.12

 

MD-VIDEO v3.4.0-v3.9.0

Supports 29 new models – DVR (16), NVR (8), Dashcam (5)

 

MD-CLOUD v1.4.0-v1.8.1

Supports 23 cloud-based services – Cloud drive (9), Email (4), SNS (3), IoT (2)

 

MD-DRONE (v.1.0.0)

Supports 23 new models – Manufacturers (7), Extraction sources (5)

 

 

2021 4Q MD-Series Release note highlights

Check the major features of MD-Series released in 2021 4Q, if you would like to know more go download the PDF file.

 

MD-NEXT v1.90.12 ~ v1.90.17

  • Bootloader supports extraction of feature phone which based Spreadtrum Chipset.
  • Android Full Filesystem extraction supports 21 models (Exynos) of Galaxy Note20, S20, S21 Series.
  • Improved Android Live extraction for Huawei Harmony OS 2.0.
  • Improved Downgrade app restore process of application that installed by ‘Stub’ version.
  • Improved manufacturer backup for Android 10 or higher version of devices.
  • Added ‘Realme’ for the ‘manufacturer backup’ feature when creating an MDF.
  • Updated MediaTek driver pack.
  • Supports 1,019 new models and updated 92 models.

MD-RED v3.7.49 ~ v3.8.9

  • Supports new features in iOS 15 – Video/Photo meta information, Message effects, Memories in Photos.
  • Supports Huawei Harmony OS 2.0.
  • Supports iOS Skype Multi-account.
  • Supports 21 new apps and updated 47 apps (Android).
  • Supports 14 new apps and updated 39 apps (iOS). 

MD-LIVE v3.4.8 ∼ v3.4.12

  • Supports user-defined filter of App list.
  • Added audio sync control function for recorded video play during the recording investigation process.
  • Improved App Downgrade and Restoring process.
  • Manufacturer backup for Android 10 or later version.
  • Enhanced iOS 15 analysis – Health, Memo, Reminders, Safari
  • Added ‘Export Multimedia Only’ option as user’s selection.

MD-VIDEO v3.8.0 v3.9.0

  • Supports image quality enhancement that overlying selected frames from the consecutive frames.
  • Added Image Filter – Color ‘Auto’ option, and ‘Opacity’.
  • Added Lens Distortion Correction – Adjust radial or tangential distorted frame.
  • Added Deinterlacing – Reconverts odd lines or even lines of interlaced video.
  • Added Deblurring – Recovers a sharp image from a blurred image.

MD-CLOUD v1.8.0 v1.8.1

  • Improved Google Drive analysis – Description, Owner, Deleted/Shared information.

Empower Your On-Site Investigation with MD-LIVE

Whenever to access the evidence phone at the crime scene, you may always suffer from insufficient time and its complicated steps to use the mobile forensic tool.
MD-LIVE has armed itself with various useful features to save the investigation time and to meet these needs for smartphone forensics.
Go check the features and find out how you can empower your investigation with MD-LIVE.

Check our YouTube channel and catch up with our latest product videos!

 

White paper – ‘Factory Reset(iOS, Android)’

In this whitepaper, you can find the definition of Factory Reset, how its method differs by OS and device environment, and why mobile forensic investigators should understand important meanings of Factory Reset, and lastly how MD-RED analyzes the log of Factory Reset.

This is the preview version of the white paper, and if you want to find out the full version please contact our team. 

sales@gmdsoft.com

 

Report and Media Exportation with MD-VIDEO

This is the last episode of the how-to video of MD-VIDEO.

You can learn how to export reports and media from MD-VIDEO.

 

Part1. Generating reports

Part2. Reviewing the data in the report

Part3. Exporting media

 

If you want to know more about our product, feel free to contact our team!

sales@gmdsoft.com

3Q 2021 MD-Series Release Note Highlights

MD-NEXT v1.90.3 ~ v1.90.11

  • Android Full Filesystem extraction for Android 11 Galaxy A series – Supports A10, A11, A30, A40, A50, Jean2, Wide4 series.
  • Increased iOS FFS extraction success ratio by improving the stability of Checkm8 method
  • Supports ‘Before First Unlock(BFU)’ extraction process when screen lock can’t be unlocked.
  • Supports HiSuite backup protocol for the devices with Android 10 or higher versions
  • Improved App Downgrade and Restoring process for Samsung Android version 11 or above

 

MD-RED v3.7.37 ~ v3.7.48

  • Supports analysis of Recycle Bin in Samsung devices with Android 11
  • Nokia feature phone analysis: TA-1017, TA-1034
  • Improved metadata analysis of image/video – MD-RED displays the time zone information next to the date/time
  • Supports ‘Unclassified file’ artifacts
  • Supports batch checking of related chat room/contact from the analysis results

 

MD-LIVE v3.4.4 ∼ v3.4.7 

  • Supports Video/Audio recording by HDMI capture card
  • Supports DB Report (SQLite)
  • Supports HiSuite backup protocol for the devices with Android 10 or higher versions
  • Added Keywords Search by Regular Expression

 

MD-VIDEO v3.7.0 v3.7.2

  • Supports video recovery from the file slack area of FAT32-based format free filesystem
  • Supports automatic detection of bounding box of each digit in the selected area
  • Improvements of MD-VIDEO AI – Timeline UI/UX, Added SRGAN model for super-resolution, Number Plate Analysis, Viewer UI, Comments UI
  • Added new models – DVR(5), Dashcam(5)

-DVR: Hanwha Techwin (XRN-1610A), ITX Security (UTM5HGB), NADATEL (AP-0405R), WEBGATE (HAC430F)

-Dashcam: Apeman (C450), COMTEC (ZDR-015), Garmin (66W), KENWOOD (DRV-MR745), Nextbase (622GW)

 

MD-CLOUD v1.7.0

  • Improved analysis of recurring information in Google Calendar
  • Enhanced preview function by adding additional media formats

 

Download the full release note highlights!

Analyze and Review the Data of ‘MeWe’ and ‘Threema’

We’ve been keeping up with the research on the globally rising social media apps, today we’ll introduce MeWe and Threema. MD-RED is supporting data analysis of MeWe Android from MD-RED v3.7.29 and Threema Android, MD-RED v3.7.31. Follow the below article and find out major features and how MD-RED displays the analysis results. 

 

1. MeWe 

 

  • What’s MeWe?

MeWe is the uplifting social network service app with awesome social features people love along with no ads, no targeting, and no newsfeed manipulation.  It has a timeline, groups, pages you can join, friends can make, a built-in messaging tool, and a profile page for users to customize.

 

  • Major features of MeWe and Analysis results of MD-RED

 

 

2. Threema

 

  • What’s Threema?

 

Threema is a paid open-source end-to-end encrypted instant messaging application for iOS and Android. The software is based on privacy by design principles as it does not require a phone number or any other personally identifiable information. Data is stored in an encrypted DB, and more security settings can be added to the settings. Users can do text messaging, make voice, and video calls, send multimedia, locations, voice messages, and files.

 

  • Major features of Threema and Analysis results of MD-RED

 

If you want to read the full article, please download the PDF file.