[Case Study] SPF Pro Manual Backup Extraction Demonstration – Mobile Forensics

Mobile Phone Operation Procedure

1.Go to Settings

2.Locate Backup & Reset (in other systems, it may also be Backup & Restore or other similar name)

3.Click Local backups

4.Click Back up to create a new backup

5.Then check the boxes of the apps you what to extract

6.Click Back up to start creating backup

7.Then wait for the process to complete

8.Connect the smartphone to a computer and extract the backup data from the SD card.
9.The storage location of the backup data is usually in a folder named backup
In this demo, the location is as follow: SD card\MIUI\backup\AllBackup

SPF Pro Operation Procedure

Now use SPF Pro to load and analyze the backup data you just extracted

• Create a new case or open an existing case

• Click Folder Analysis then find and load the backup folder acquired from the phone.

Note: Please load the root folder of the backup files (the upper folder of the app folders), otherwise SPF Pro may not recognize the backup files.

• Click Automatic Logical Extraction
• Select your extraction targets
• Click Start to begin the process

•  Wait for the process to finish and then you can see the extraction results

① Navigation Panel
Click here to navigate between different apps and categories.

② Triage Window
All extracted data will be displayed here.

③ Filter Bar
Set filters to quickly locate target data according to time, keywords, etc.

④ Report
Click to open the report window and generate a forensic report.