I specifically need help with what caused malware.hidden to be created and what caused the batch files in the recycle bin and the example videos folder in the Public users files to be created. I am stuck at this point. Basically just help me find out what happened on the device by using the image file provided below in the drive link. Use tools like ftk imager, SQLite, and a hex editor to help me.

Below is the assignment details but I only need help with what is above.

1. BLUF-format document of understanding of this system.
2. A file system hierarchy diagram (with a format of your choosing) that expresses your understanding of this system's files. Submit the diagram flattened to a PDF or image file or as a page of your document.
3. A list of user accounts that have access to the system or have used it.
4. A list of data files that you found. Sort and organize the list in a way that makes sense to you. Describe the contents of the data files you've found. (e.g. Don't just tell me that they are .jpg files - what are the images of?)
5. A description of the application history of the primary user's typical programs - web browsers, email programs, word processing programs, spreadsheet programs, etc.
6. Any Indicators of Compromise (IOCs) that you might identify, or that you think are potentially suspicious. https://drive.google.com/file/d/1a2JcVZp5c0mpVF7zegwrU3zgbsK_mN3z/view?usp=sharing