App Review of Calculator Photo Vault

Written by Amber Schroader

June 5, 2019

Often in digital forensics, you end up with odd Apps that you need to review as part of your investigation that your tool does not support.  In this quick review, we will look at the App Calculator Photo Vault and the data that can be found from unsupported Apps.

Calculator+ Photo Vault v.8.8.0 by FishingNet

When we did the review of this App, we reviewed it on a device that we had root level access.

As a result, when reviewed in the E3 Platform, databases were able to be obtained from the device.  However, the images and other files from this app (see Calc_Android.png in attachments) were not found in the database, except for the files that were cached when I was browsing images to add in Calculator (see Calc_browse.png in attachments). See images below.

This led me to believe that the Calculator+ Photo Vault for Android encrypts all images and other files with their own encryption.  This creates a barrier for your forensic tools in their ability to find this data. Since encryptions are proprietary, a large amount of time would need to be spent trying to decrypt this App.

When we looked at the same style of App on iOS called Fake Calculator v.1.2 by Secret Calculator+ Photo Lock, we discovered very different results. The application does not encrypt images and other files. There is also the ability to open a built-in Browser and navigate to some websites.  Although the intent of this App to encrypt the data was the same, the results on iOS were vastly different than what we saw with Android.  When we processed it with the E3 Platform, we obtained files from this application for iOS with a logical image (see image below).  With that image, we could see in plain view the images from the App, unlike what we saw with Android. 

In conclusion, this is a quick reminder to pay attention to the odd Apps on the devices during investigations, and what they might be able to offer you can change with each type of device.

Forensic-Impact Articles

Phishing Attacks via Social Media

Phishing Attacks via Social Media

When it comes to cybersecurity, it's common to underestimate the risk of cyber threats infiltrating your home. Yet, the reality is that with children who may not be fully aware of cyber safety measures, it's easy for threats to creep in. Recently, one of my children...

Making an Investigations Sock Puppet

Making an Investigations Sock Puppet

Transcript Hello and welcome to the next edition of, the Forensic Impact blog. I'm Amber Schroader. I have been off the video blog for a hot minute because I have broken my ankle, as you can see by my scooter. This is the best background I can get going right now. So,...

Empowering Small Businesses: The Significance of Data Governance

Empowering Small Businesses: The Significance of Data Governance

Guest Blog Post In today's digitally driven world, data is the lifeblood of businesses, regardless of their size. Small businesses, in particular, stand to gain significantly from harnessing the power of data. This article from Paraben Corporation delves into the...