[DynoWiper](https://attack.mitre.org/software/S9038) is a destructive malware associated with the [2025 Poland Wiper Attacks](https://attack.mitre.org/campaigns/C0063) in December of 2025. [DynoWiper](https://attack.mitre.org/software/S9038) is a native Windows binary that is distributed by a PowerShell script and overwrites files using data generated by the Mersenne Twister algorithm before they are deleted from the system. Multiple variants of [DynoWiper](https://attack.mitre.org/software/S9038) have been identified, with the primary differences being that one variant shuts down the system after completing its destructive operations, and another introduces a time delay between file overwriting and deletion.(Citation: CERT Polska)(Citation: ESET DynoWiper Update JAN 2026)