According to the massive development of mobile and communications technology, the mobile devices now are highly performed in personal information capacity and the mobility, both of the powerful hardware and software are encouraging the dependence of full aspects. Whereas, the means of the phone based swindles, MMS and mobile malicious code attacks also evolve everyday, which makes the mobile devices become the high-tech crime tool used by many offenders. First of all, this study will be directed against the static analysis of the malicious code attacks, and then conduct in-depth analysis of which dynamically to compromise digital evidence forensics procedures and regulations, then set them up. Accordingly, for the forensic officers, they can merely use the software against mobile communication as the main tools by following the procedure to accomplish their duty. This will ensure the proper preservation of evidence Chain of Custody （ CoC）, to facilitate proceeding investigation and analysis by providing digital evidence. Eventually, to reinforce integrity, consistency and accuracy of the digital evidence in the court of law.