THE DFIR BLOG
Menu

Windows Forensics

Antedating

6/23/2019

 
Antedating: Creating a document with incorrect time stamps.
Investigation:
  • Analyzing the metadata of the document to get the baseline information is the first step.
  • Secondly, perform a comparative analysis of the metadata of all the documents under the investigation.
  • One might get some important information from the source machine. Analyze the event logs if it's a windows machine.
  • Look for the email headers if the document is shared via email.
  • Use basic common sense in analysis by looking and the OS and the release date of the extension.

How to antedate a document?
  • Use Software to change the metadata.
  • Changing the computer time before creating an electronic document is another method of antedating, as the metadata for the newly created electronic file will be based on the incorrect setting of the system.

Readings:
http://www.cse.scu.edu/~tschwarz/COEN252_13/Papers/antedating.pdf
profitcoin
4/27/2021 04:06:24 pm

FOR RECOVERY OF STOLEN BITCOIN / CRYPTOCURRENCY ,  RECOVERY OF LOST FUNDS FROM SCAMMER.  Have  you ever been a victim of a scam?  or have you lost your money to fake hackers online? I implore you to contact this trustworthy hacker and   recovery expert [email protected] , I was a victim of fake people posing as  binary options and bitcoin investors,  I lost a sum of $4,000 and 2BTC from my bitcoin wallet to these fakes. It took a while before I realized they were scams and this really hurt .Then an in-law of mine heard about it and recommended to me a specialist with the address -  [email protected]  . He helped me recover my lost bitcoins  in less than 72hrs  and the fakes were caught and made to pay for what they did to me .if you have lost any amount to online scams and you're seeking to recover LOST FUNDS from wallet hackers, fake hackers,  online dating scams, BTC wallet hack, recovery of lost funds from fake binary investors  .Reach out to  Wizard Charles Group Hackers  to help you


Comments are closed.

    Archives

    September 2019
    August 2019
    July 2019
    June 2019
    March 2019
    March 2018

    Categories

    All
    ATA
    Detection
    Forensics
    Microsoft
    Rules
    Windows
    Windows Foreniscs

    RSS Feed

  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me
  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me