!null

Tools and Equipment Used: - Samsung Galaxy Grand Prime - Rooted - Android 5.1.1 - Microsoft Cortana Digital Assistant - 2.10.5.2209 enus release (updated on May 31st, 2018) - Forensic Imaging: Magnet Acquire 2.4.0.11694 - Forensic Image Processing: Autopsy 4.7.0 - SQLite Viewer: Forensic Browser for SQLite 3.2.14 Summary: Cortana keeps a variety of pertinent information about the user and their activities including geolocations, timestamps, user history, known devices, and events/reminders among other data. DssDatabase: - Location: /userdata/data/com.microsoft.cortana/databases/DssDatabase - “Alarmdescriptor” and “reminderdescriptor” - Information about the alarms and reminders set (types: triggerless, location, or time, status last updated times, etc). - “Notificationdescriptor” - Notification information, in this case News and Weather. Both include the content, links, notification time and other data. - Not