Top Ad unit 728 × 90

Latest News

random

Daily Blog #411: Exploring Extended MAPI Part 16

Hello Reader,
                 I decided to test a Microsoft Word attachment this time to see if the results would be any different. In the end the results were the same but I need to do one more test tomorrow to see if the internal metadata varies from the file system metadata if their is any difference.

Here is the original file metadata:


This is the Extended MAPI properties of the attachment


Again the creation time is being set to when the message was sent, this is different than Arman's testing so I'm trying to see what I'm doing different. I'll know for sure when he comes on the Forensic Lunch this month.

Here is the resulting metadata of the saved file:

More testing to come!
Daily Blog #411: Exploring Extended MAPI Part 16 Reviewed by David Cowen on July 02, 2018 Rating: 5

No comments:

All Rights Reserved by Hacking Exposed Computer Forensics Blog © 2014 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form

Name

Email *

Message *

Powered by Blogger.