{
	"id": "0f36f8dc-1466-4615-b6a4-f6d1343d074c",
	"created_at": "2026-04-06T00:08:35.666084Z",
	"updated_at": "2026-04-10T13:11:49.295916Z",
	"deleted_at": null,
	"sha1_hash": "ae98b81bf5c438fb828d5a1dbe5b9788d24dd521",
	"title": "ATMSpitter (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28026,
	"plain_text": "ATMSpitter (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 17:29:09 UTC\r\nThe ATMSpitter family consists of command-line tools designed to control the cash dispenser of an ATM through\r\nfunction calls to either CSCWCNG.dll or MFSXFS.dll.\r\nBoth libraries are legitimate Windows drivers used to interact with the components of different ATM models.\r\n[TLP:WHITE] win_atmspitter_auto (20251219 | Detects win.atmspitter.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.atmspitter\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.atmspitter\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.atmspitter"
	],
	"report_names": [
		"win.atmspitter"
	],
	"threat_actors": [],
	"ts_created_at": 1775434115,
	"ts_updated_at": 1775826709,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ae98b81bf5c438fb828d5a1dbe5b9788d24dd521.pdf",
		"text": "https://archive.orkl.eu/ae98b81bf5c438fb828d5a1dbe5b9788d24dd521.txt",
		"img": "https://archive.orkl.eu/ae98b81bf5c438fb828d5a1dbe5b9788d24dd521.jpg"
	}
}