Creating a case in Magnet AXIOM

To create a case in Magnet AXIOM, perform the following steps:

  1. Start AXIOM Process and click the CREATE NEW CASE button.

  2. The first window is CASE DETAILS; here we have to fill in a few fields, such as case number, type, path to case files, and acquired data.

  3. The EVIDENCE SOURCES window allows the examiner to choose the data source or acquire an image directly from the device.

  4. For demonstration purposes, we are going to use a physical image of a Samsung smartphone, so let's choose the ANDROID option.

  5. As we decided to use a pre-made image, choose the LOAD EVIDENCE option.

If you want to create an image with Magnet AXIOM and then process it, you can choose the ACQUIRE EVIDENCE option.

  6. As we are using an image, choose the IMAGE option in the next step.

Now we can see that our evidence source is added to the case.

Let's go further and configure the processing details:

  • ADD KEYWORD TO SEARCH: You can add keyword search terms or even lists before processing has started, so you can find the hits under the Keywords filter in AXIOM Examine.
  • MAGNET.AI CHAT CATEGORIZATION: AXIOM uses built-in categories to categorize chat conversations, so it can extract useful artifacts from thousands of messages automatically thanks to machine learning.
  • SEARCH ARCHIVES AND MOBILE BACKUPS: This option is especially useful for computer forensics; if AXIOM finds an archive or a mobile backup, it will process it and add its data to the case.
  • CALCULATE HASH VALUES: You can import hashsets to exclude known good files from the case.
  • CATEGORIZE PICTURES AND VIDEOS: Allows the examiner to use hashsets for known media files or JSON files from Project VIC and CAID.
  • ADD CPS DATA TO SEARCH: Allows the examiner to import and use data from the Child Protection System (CPS) website.
  • FIND MORE ARTIFACTS: Allows the examiner to use the Dynamic App Finder to find application data that is not currently supported by the product.

  7. Choose the artifacts the examiner wants to extract. As our source is an Android image, we have chosen all mobile artifacts.

Of course, if necessary, the artifacts list can be customized.

Now we are ready to start image processing.

The AXIOM Examine window will open automatically, so you can start the analysis during the processing stage. The AXIOM Process window remains useful, as you can use it to monitor the progress of processing.
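
The idea behind the CALCULATE HASH VALUES option above, excluding known good files by hashset, can be sketched as follows. This is an added example, not AXIOM's own code or import format: the one-SHA-1-per-line hashset, the function names, and the sample files are all assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

def load_hashset(lines):
    """Parse one SHA-1 hex digest per line (assumed format); drop blanks, comments, bad rows."""
    rows = (raw.strip().lower() for raw in lines)
    return {r for r in rows if len(r) == 40 and set(r) <= set("0123456789abcdef")}

def sha1_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large evidence files never sit fully in memory."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def triage(root, known_good):
    """Return (excluded, remaining): relative paths split by hashset membership."""
    excluded, remaining = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            (excluded if sha1_of(full) in known_good else remaining).append(rel)
    return sorted(excluded), sorted(remaining)

def demo():
    # Constructed sample files standing in for an extracted Android file system.
    samples = {"system/framework.jar": b"stock framework bytes",
               "system/fonts/Roboto.ttf": b"stock font bytes",
               "data/app/chat.db": b"user chat database"}
    # Constructed hashset: a comment, a malformed row, and two digests (one upper-case).
    hashset = ["# known-good files (constructed)", "not-a-hash",
               hashlib.sha1(samples["system/framework.jar"]).hexdigest().upper(),
               hashlib.sha1(samples["system/fonts/Roboto.ttf"]).hexdigest()]
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return triage(root, load_hashset(hashset))

if __name__ == "__main__":
    excluded, remaining = demo()
    print("excluded as known good:", excluded)
    print("left for review:", remaining)
```

Digests are normalized to lower case before comparison, so a hashset exported in upper case still matches; malformed rows are dropped rather than silently treated as matches.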
