Notifications
Clear all

AppDomain lists

1 Posts
1 Users
0 Likes
305 Views
(@baywolf88)
Posts: 3
New Member
Topic starter
 

Hi everybody,

I'm Josh, private investigator and digital forensics analyst in South Carolina.

In the last few encase images of iPhones I have found evidence of 'hidden folder' apps in the AppDomain directory
com.enchantedcloud.photovaultpro
com.onewave.folderfree

These apps look like a basic icon on the phone, but prompt for a pin when clicked by a user.

From a forensic standpoint there was no encryption of the files contained in these directories so it was easy to view the 'hidden' items. I know there are a few designed to look like your calculator.

Does anyone know of some good lists of identifiers for iOS or android apps related to 'hidden' folders?
Most of what I found when I went looking were default app listings for the native Apple apps. While that is great for a white list, i'm looking for signs of deception many times in my cases.

I believe these would make great keyword lists for Encase processing. Hidden folders, VPNs, etc…

Thanks!

 
Posted : 14/10/2016 1:44 am
Share: