Android app analysis helps a forensic investigator look for valuable data in relevant locations on a device. Reverse engineering Android apps is the process of retrieving source code from an APK file. Using certain tools, such as dex2jar, Android apps can be reverse-engineered in order to understand their functionality and data storage, identify malware, and more. In this chapter, we performed analysis on different android applications and we are now able to retrieve data from them. We also learned about different types of Android malware and how to identify them. Tools such as UFED Physical Analyzer come with BitDefender software, which can automatically scan for malware.

The next chapter covers performing forensics on Windows Phone devices.