Analyzing Windows Phone 8.1 JTAG and UFED Dumps

In recent months, we’ve started receiving calls from our customers asking us about extracting files and looking for evidence in binary dumps extracted out of Windows Phone 8 devices. We’ve got dozens of requests from European police departments, especially those from Germany, Italy, and the UK about extracting and analyzing JTAG and UFED-produced dumps of Windows phones. While in the past we were reluctant to work in this direction considering how small of a market share these devices had, the recently published numbers of every 10th device sold in Europe being a Windows Phone made us change our mind.

Meet the newest release of Belkasoft Evidence Center! In this release, we’ve added the ability to process, parse, and extract information stored in binary dumps of Windows Phone devices captured with JTAG or Cellebrite UFED hardware. We can fully reconstruct the original file system of the device, allowing experts to browse through the file system and view and extract individual files and folders.

Our signature discovery and analytics are also there for Windows Phone data. The updated Belkasoft Evidence Center will automatically search for, extract and analyze the many types of evidence essential for your investigation. Contacts and address books, call logs, Skype chats and communication histories in third-party messengers, browsing history and cached social network conversations are carefully extracted and added to the list of available evidence.

Read more at http://belkasoft.com/jtag-analysis

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: