XFSADM has been detected that as ATM malware but its author's identification or intentions are not clear. It was first detected in Russia in 2019. This malware is designed to make use of a DLL library known as XSF (Extension for Financial Services) that only exists in automated teller machines (ATM), which provides an API that interacts with the msxfs.dll library, allowing the software to communicate with the PIN keyboard of the ATM and thus be able to capture the information entered by the user.
XFSADM ATM Malware Signatures
Family: Trojan.Win32.ATMXFSADM.A
MD5: 55cd380a63fad7a750b7c03e3e57fed4
SHA256: 2740bd2b7aa0eaa8de2135dd710eb669d4c4c91d29eefbf54f1b81165ad2da4d
XFSADM ATM Malware Download