Physical Analyzer, Logical Analyzer, Cellebrite

Reader, and UFED Cloud

Release Notes
Jan. 2023 | Version 7.60
 Here’s What’s New in Cellebrite Physical Analyzer
Version 7.60

Summary
Cellebrite Physical Analyzer Version 7.60 introduces new examination and validation
capabilities.
» New examination capabilities
• Expanded support for iOS Biome
Identify user interaction with the device by reviewing wireless connection and device
events and explore new Biome data by using our new Biome (SEGB) file format viewer.
• Support for Snapchat Stories
Can view Snapchat stories that were captured within 24 hours.
• Crypto Wallets iOS - Transactions
Can review cryptocurrency transactions from Coinbase, Trust, Metamask and MEW, and
better understand the money trail.
• Support for Session Private Messenger – Android
Enables you to review more by using the encrypted messaging application session.
» New UFED Cloud capabilities
• iCloud Messages - new data source
Review more when downloading Messages from iCloud without downloading a full
backup.
• iCloud Photos - new data source
Learn how downloading Photos from iCloud without downloading a full backup can
enrichen your examination.
• TikTok - Support captcha
Easily authenticate TikTok Private Cloud with the new PA capability of captcha prompts.
• Samsung Cloud
Enjoy the new extraction of Samsung Cloud backups.
» Important information
• BSSID - Service retirement announcement
Cell Tower and BSSID Enrichment service - important information.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

2
Support for updated App versions
Total App versions: 12,518

Updated app support: 51

51 updated applications: Support for 51 new app versions of iOS (26) and Android (25)
devices.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

3
New examination capabilities

Expanded support for iOS Biome

Physical Analyzer has expanded the number of artifacts supported by iOS Biome. PA can now
parse Wireless connection artifacts. In addition, device events (Airplane Mode status, Lock
Status, Orientation change, and plugged-in status) are now parsed from the Biome Service.
A file format viewer has been added to the Biome service format (SEGB), enabling PA users
to view the unparsed BIOME data in a structured way.
You can now identify from which application an event originated in the “Service Identifier”
field in artifacts such as messages and calls.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

4
Support for Snapchat Stories
Physical Analyzer now decodes Snapchat stories located under the social activity model;
users can now get the location and media files uploaded by the user.

Crypto Wallets iOS - Transactions

Physical Analyzer users can now review transactions made with the iOS Crypto Wallets
Coinbase Wallet, Trust Wallet, Metamask, and MEW
The artifacts are located under the Transfers model.

5
Support for Session Private Messenger – Android
PA users can now review Session Messenger Messager’s Calls, User accounts and more.
(Session Private Messenger is a secured private messaging app.)

Upgrade to IronPython 2.7

PA Phyton scripts and plugins written by users are now will run on IronPython 2.7 instead of
IronPython 2.6.

Update decoding support for Signal Android

PA now supports the latest Signal Android versions.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

6
New UFED Cloud capabilities
iCloud Messages - new data source
Physical Analyzer users can review iCloud Messages stored on Cloud using an account
package.

iCloud Photos - new data source

Physical Analyzer users can review iCloud Photos and shared album data using an account
package.

TikTok - Support captcha

Physical Analyzer now responds to captcha prompts when authenticating TikTok Private
Cloud.

Samsung Cloud
Physical Analyzer now supports the extraction of Samsung Cloud backups.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

7
BSSID Enrichment – Important service update
Physical Analyzer will no longer support BSSID and Cell Tower Enrichment, Starting with PA
version 7.61.
We are committed to providing our customers with the tools needed to carry out great
examinations. This feature is not as reliable as it was in the past and is no longer able to
provide the quality of service that our customers require.
• In most cases BSSID Location information exists within the extraction, and there is no need for
external enrichment.
• The BSSID enrichment dataset is becoming outdated and may be providing location
information that is no longer accurate. Alternatives were investigated but no suitable
replacement was found.
• We ensure the highest quality for our customers; currently there is no other enrichment
dataset that can provide the quality of data required.
• A BSSID record on a device typically indicates a device has been close to the network at some
time. However, the timestamps associated with the record may not be relevant to the time that
the device was there. This type of location information must therefore be handled with caution.
The ability to parse location data is extremely important. PA invests in growing Location
capabilities and continues to look for ways to improve our location-based features, including:
• Better definitions and classifications of locations to distinguish those that are visited as
opposed to those that are searched, etc.
• Finding and implementing more reliable sources of location artifacts such as Samsung Rubin
and iOS Biome.
• Improving the searching and filtering options, such as Location Proximity Filtering.
• Reliable attribution of media origin to enable determining device location with a high degree of
confidence.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

8
Solved issues
» iOS Location services shows wrong value.
» iOS Messages – Addition of deletion state to chat participants .
» iPhone GK | iOS Location Services show wrong value.
» sms.db (iPhone backup) | PA not parsing native messages.
» WeChat (IOS) 8.0.28 | not parsing anything.
» WeChat IOS 8.0.27.33 | Parser throwing an error in trace.
» SQLite parser misses data.
» Nokia TA-1114 wrong incoming\outgoing call direction.
» Wickr Input password does not work.
» Dictionary attack not working - limited to Wickr.
» Instagram Android - Fix parsing of deleted records.
» CashApp iOS wrong transaction direction and account owner data.
» Report Attachment Redaction did not redact all attachments.
» PA BSSID Enrichment failed.
» Creating a UFDR report caused PA to crash.
» PA 7.58 would crash when attempting to open an extraction by clicking File > Open Case.
» In version 7.59 PA sometimes crashed when network traffic was disabled in Settings.
» There was a malware scanner error exception when downloading update from the "Update"
button.
» PA would crash several minutes after loading a specific iOS DUMP file.
» When parsing WeChat, PA would throw the error “StartIndex cannot be larger than length of
string” without parsing.
» DE 2.0 - Incorrect timestamp of 16:01 when opening zip file as empty project.
» Timeline filter did not select all the items in a chat bubble.
» UFDR report failed.
» PA crashed on startup.
» App crashes when network traffic is disabled from Settings.

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

9
New and updated apps

iOS: New and updated apps

# Updated Apps — iOS
Chrome 108.0.5359.52
Coinbase 28.17
Facebook 394
Facebook Messenger 390.0.0.20.104
Firefox 107.2
Gmail 6.0.221113
Google Maps 6.47
Instagram 262
KakaoTalk 9.9.8
Kik Messenger 16.7.1
Line 12.20.0
Metamask 5.11.0
My Ether Wallet 1.8.2
Privet Photo Vault 14.4
ProtonMail 4.1.1
Signal Private Messenger 6.4
Skype 8.91
SnapChat 12.12.1.40
Telegram 9.3
TikTok 27.1.0
Trust Wallet 7.22
Twitter 9.34.6
Viber 19.0.0
WeChat 8.0.31
WhatsApp Business 2.22.24.81
Wickr 6.0.5

10
Android: New and updated apps
# Updated Apps — Android

Bit Pay 14.7.8

Chrome 107.0.5304.141
Coinbase 28.16.0
Facebook 394.1.0.51.107
Facebook Messenger 391.0.0.12.404
Firefox 107.2.0
Gmail 2022.10.30.488439685.Release
Google Drive 2.22.457.2.all.alldpi
Google Maps 11.57.4801
Google photos 6.15.0.490613891
Instagram 261.0.0.21.111
KakaoTalk 9.9.7
Kik Messenger 15.48.1.27323
Line 12.20.2
Metamask 5.11.0
My Ether Wallet 2.5.1
Session 3.2.13
Signal Private Messenger 6.7.6
Skype 8.91.0.406
SnapChat 12.13.0.33
Telegram 9.3.3
TikTok 27.2.5
Trust Wallet 6.57.1
Twitter 9.65.6-release.0
Viber 19.0.2.0

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile
11
The Industry Standard for Digital Data Examination
Read more about Physical Analyzer here
Update your Physical Analyzer today

Telegram: Contact: @progress2023

Group: https://t.me/Forensic_Mobile
Chanel: https://t.me/+A7fKZ4kgMFJhYzhi
Chanel: https://t.me/ForensicMobile

12