This study aims to conduct a forensic analysis of the WhatsApp application on the Bluestacks android simulator device. BlueStacks App Player is designed to allow Android apps to run on PCs running Microsoft Windows and Apple's macOS. In this study, the scenario was carried out using two devices as Whatsapp communication media. The first device is a laptop device that uses the Bluestacks android simulator with the SM-G955F device type, and the second is a smartphone device as opposed to communication. This study uses the ACPO standard which consists of several stages such as Plan, Capture, Analysis, Present. Pada tahap Capture, teknik yang digunakan dalam melakukan pencarian bukti pada aplikasi BlueStacks adalah live forensik. Hasil penelitian ini menunjukan bahwa analisis forensik pada perangkat android simulator Bluestacks dapat dilakukan sesuai prosedur ACPO. From the procedure carried out, information related to communication on the WhatsApp application was obtained. The source of this information is obtained from the WhatsApp database file msgstore.db.crypt12 which has been decrypted using the SQLite Browser application with a combination of the WhatsApp Key file contained in the cloned digital evidence. From the results of the decryption that has been carried out, then an explanation is carried out through the WhatsApp viewer application to make it easier to understand from the display side.
Copyrights © 2021