Media Store & Thumbnails
Location
/data/media/0/DCIM/, /data/media/0/.thumbnails/, and /data/data/com.android.providers.media/databases/external.dbDescription
The Android MediaStore content provider database (external.db) indexes all media files on the device including photos, videos, and audio recordings. DCIM contains camera-captured images and videos. The .thumbnails directory stores automatically generated preview images for gallery display. The database records file paths, EXIF metadata, dimensions, duration, date taken, date added, and bucket (folder) associations.
Forensic Value
The MediaStore database retains metadata entries for media files even after the original files have been deleted, providing evidence of photographs and videos that once existed on the device. Thumbnails in the .thumbnails directory are generated independently and often survive deletion of the source image, preserving visual evidence. EXIF metadata embedded in photos includes GPS coordinates, camera settings, and timestamps that establish when and where images were captured. The date_added versus datetaken discrepancy can reveal files received from external sources versus captured on the device.