KillDisk Variant Hits Latin American Financial Groups
2018-01-15 • Trend Micro
Trend Micro found a new KillDisk variant targeting financial organizations in Latin America, but the excerpt does not attribute the activity to a named threat actor. The malware appears to be intentionally dropped by another process or used as part of a larger attack package, with hardcoded paths and a rename routine that leaves a zero-byte artifact during execution. It wipes files across fixed and removable drives, overwrites the master boot record (MBR), extended boot record (EBR), and volume sectors, and then attempts to force a reboot by terminating critical Windows processes or calling the system reboot function. Unlike earlier ransomware-themed KillDisk activity, this variant has no ransom note, so its primary impact is destructive data loss rather than extortion.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| HASH | 8a81a1d0fae933862b51f63064069aa… | 2018-01-15 | 2020-03-09 |