Skype analysis
Skype is a voice-/video-calling app, as well as a messaging app owned by Microsoft. It has over 100,000,000 installs on Google Play.
Package name: com.skype.raider
Version: 5.1.0.58677
Files of interest:
/cache/skype-4228/DbTemp
/sdcard/Android/data/com.skype.raider/cache/
/files/
shared.xml
<username>/thumbnails/
<username>/main.db
<username>/chatsync
The /cache/skype-4228/DbTemp
directory contained multiple files with no extension. One of these files (temp-5cu4tRPdDuQ3ckPQG7wQRFgU
on our device) was actually a SQLite database that contained the SSID and Media Access Control (MAC) of the wireless access points it had been connected to.
The SD card path will contain any images or files received in a chat. If a file is downloaded, it would ...
Get Learning Android Forensics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.