Gmail analysis

Gmail is an e-mail service provided by Google. A Gmail account is often asked for, though is not required, when the device is being set up for the first time.

Package name: com.google.android.gm

Version: Default version with Android 5.0.1 (not listed within app)

Files of interest:

/cache
/databases/
- mailstore.<username>@gmail.com.db
- databases/suggestions.db
/shared_prefs/
- MailAppProvider.xml
- Gmail.xml
- UnifiedEmail.xml

The /cache directory within the application folder contains recent files that were attached to e-mails, both sent and received. These attachments are saved here even if they are not explicitly downloaded by the user.

The mailstore.<username>@gmail.com.db file contains a variety of useful information. Interesting tables within ...

Get Learning Android Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Android Forensics by Rohit Tamma, Donnie Tindall

Gmail analysis

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly