DynoWiper - S9038 (34057cb6-0a56-48a3-92e5-3af1357808da)
DynoWiper is a destructive malware associated with the 2025 Poland Wiper Attacks in December of 2025. DynoWiper is a native Windows binary that is distributed by a PowerShell script and overwrites files using data generated by the Mersenne Twister algorithm before they are deleted from the system. Multiple variants of DynoWiper have been identified, with the primary differences being that one variant shuts down the system after completing its destructive operations, and another introduces a time delay between file overwriting and deletion.(Citation: CERT Polska)(Citation: ESET DynoWiper Update JAN 2026)