PricingBlogAbout Us

Digital Forensics Investigation Report for COIT12201, Semester 2, 2019

Verified

Added on  2022/10/17

|33
|2049
|12
Report
AI Summary
This report details a digital forensics investigation into an eCrime case, utilizing the Autopsy tool for analysis. The investigation involved creating a new case, adding hosts and devices, initializing the process, and backing up data. Data separation techniques were employed to categorize files, including audio, video, and deleted files. The report outlines the steps taken, including the generation of a final report formatted for the client. The investigation involved analyzing several files, including .mddramimage.zip, .E01 files, and identifying key findings such as the identification of individuals spying on a company president, the methods they used, and their motives. The report also details the evidence found, including databases, HTML files, plaintext, and email addresses, and concludes with a bibliography of relevant sources.
Document Page
Running head: Electronic Crime and Digital Forensics
Electronic Crime and Digital Forensics
Name of the Student
Name of the University
Author Note
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1Electronic Crime and Digital Forensics
Table of Contents
Activity two:....................................................................................................................................4
Creating a new case:....................................................................................................................4
Addition of host or the files and devices:....................................................................................4
Initialize the process:...................................................................................................................4
Back-up of data and cloning for forensics:..................................................................................4
Data separation:...........................................................................................................................5
The generation of report:.............................................................................................................5
Creating a new case:....................................................................................................................5
Addition of host or the files and devices:....................................................................................6
Initialize the process:...................................................................................................................6
Back-up of data and cloning for forensics:..................................................................................6
Data separation:...........................................................................................................................6
The generation of report:.............................................................................................................7
Investigation:...............................................................................................................................7
pat-2009-12-11.mddramimage.zip:.........................................................................................7
jo-work-usb-2009-12-11.E01:...............................................................................................11
pat-2009-12-11.E01:..............................................................................................................17
• Who is spying on Pat?.................................................................................................................29
Document Page
2Electronic Crime and Digital Forensics
• How are they doing it? Can you identify specific methods or software they have used to
facilitate this?.................................................................................................................................30
• Why is the employee spying on Pat?...........................................................................................32
• Is anyone else involved? Would you characterize them as accomplices?..................................32
Bibliography:.................................................................................................................................33

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
3Electronic Crime and Digital Forensics
Activity two:
For investigation the files in activity two autopsy tool has been used. The following tasks have
been done by the autopsy tool.
Creating a new case:
After the autopsy tool has been started and the interface of the too is being initialized
with the facility on the environment in order to perform a digital data forensic that is effective
over the media that is specific. For creating new case, the create new case option should be
clicked from the graphical user interface of the autopsy tool. The name of the case and details of
location are filled in order to make sure its integrity. Then to make sure who is examining the
case is then fetched into the user interface.
Addition of host or the files and devices:
The analysis of the process begins with the data link that is given in the autopsy window.
Initialize the process:
In order to initialize the procedure, the configuration of wizard option is used in the
autopsy tool in order to finalize the data link that is being added for analysis.
Back-up of data and cloning for forensics:
After the above procedure, the data is saved automatically in order to avoid the loss of
data and then they are placed in the format as said in the previous step request as the look-up
hash, exit parser etc. The data is then stored in the folders as cache, temp, export file backup with
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4Electronic Crime and Digital Forensics
the run time details and complete details about the procedure and can only be read by the
explorer of autopsy.
Data separation:
The separation of data is done as per the nature of the data as audio, video and some other
formats along with their files that are deleted and the files that are edited too. The specific details
of the documents and the details of metadata are retrieved using the autopsy tool. The next step is
the extraction using the autopsy tool. The files that are deleted and the other extra data are found
to be availed. The data that are present are detailed according to the criteria. The data that is in
the form of video can be played and examined. All the files that are in extension are named
according to their detail and nature. The details of the devices that are connected can reveal their
durations and establishments. The information that is about the software can be detailed.
The generation of report:
In this stage the details that are being retrieved are then formatted into a report for the
client or the case of use proceedings. The data format that is being required according to the
snapshot that is given is only possible with the version that is latest of the autopsy software.
These are the criteria’s that are required according to the preference of the client. The file of html
gives the data with the details that are limited or consolidated according to the policy of privacy
of data share according to the legal privacy policy f the government.
Creating a new case:
After the autopsy tool has been started and the interface of the too is being initialized
with the facility on the environment in order to perform a digital data forensic that is effective
Document Page
5Electronic Crime and Digital Forensics
over the media that is specific. For creating new case, the create new case option should be
clicked from the graphical user interface of the autopsy tool. The name of the case and details of
location are filled in order to make sure its integrity. Then to make sure who is examining the
case is then fetched into the user interface.
Addition of host or the files and devices:
The analysis of the process begins with the data link that is given in the autopsy window.
Initialize the process:
In order to initialize the procedure, the configuration of wizard option is used in the
autopsy tool in order to finalize the data link that is being added for analysis.
Back-up of data and cloning for forensics:
After the above procedure, the data is saved automatically in order to avoid the loss of
data and then they are placed in the format as said in the previous step request as the look-up
hash, exit parser etc. The data is then stored in the folders as cache, temp, export file backup with
the run time details and complete details about the procedure and can only be read by the
explorer of autopsy.
Data separation:
The separation of data is done as per the nature of the data as audio, video and some other
formats along with their files that are deleted and the files that are edited too. The specific details
of the documents and the details of metadata are retrieved using the autopsy tool. The next step is
the extraction using the autopsy tool. The files that are deleted and the other extra data are found
to be availed. The data that are present are detailed according to the criteria. The data that is in

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
6Electronic Crime and Digital Forensics
the form of video can be played and examined. All the files that are in extension are named
according to their detail and nature. The details of the devices that are connected can reveal their
durations and establishments. The information that is about the software can be detailed.
The generation of report:
In this stage the details that are being retrieved are then formatted into a report for the
client or the case of use proceedings. The data format that is being required according to the
snapshot that is given is only possible with the version that is latest of the autopsy software.
These are the criteria’s that are required according to the preference of the client. The file of html
gives the data with the details that are limited or consolidated according to the policy of privacy
of data share according to the legal privacy policy f the government.
Investigation:
pat-2009-12-11.mddramimage.zip:
By investigation this file the results that have been got are given below:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7Electronic Crime and Digital Forensics
1 archive have been found within the encrypted file
There are 6 databases that have been found in the encrypted file
Document Page
8Electronic Crime and Digital Forensics
24 HTML files has been found in the file that has been encrypted.
612 plaintext has been found in the encrypted file.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
9Electronic Crime and Digital Forensics
There are 7624 deleted files in the encrypted file
These are the email addresses that have been found are provided in the screenshot
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
10Electronic Crime and Digital Forensics
jo-work-usb-2009-12-11.E01:
By investigation this file the results that have been got are given below:
Document Page
11Electronic Crime and Digital Forensics
10 video files have been found
3 databases have been found in the encrypted file

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 33
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.