Battery Usage Statistics (batterystats)
Location
Accessible via ADB (dumpsys batterystats) or /data/system/batterystats.binDescription
Binary statistics file and system service data maintained by the Android BatteryStatsService, tracking detailed per-application battery consumption metrics. Records include wakelock acquisitions and durations, CPU time per UID, network bytes sent and received per app, sensor usage (GPS, accelerometer), camera and flashlight usage, Bluetooth scan counts, Wi-Fi scan counts, and foreground/background process time, all correlated with battery charge and discharge cycles.
Forensic Value
Battery statistics provide an indirect but comprehensive record of application activity through resource consumption patterns. Applications with high wakelock times were actively preventing the device from sleeping, which is characteristic of stalkerware, cryptocurrency miners, and C2 beaconing malware. Per-app network byte counts reveal which applications transferred significant data, identifying potential exfiltration channels. GPS sensor usage entries indicate which apps were actively tracking the device location. Camera and microphone usage metrics expose surveillance activity. The historical discharge cycle data establishes device usage patterns across multiple charge cycles, providing multi-day activity timelines.