EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
ID: be33d11d-17a5-5b7f-94f2-2f09dd19c55a
STIX ID: report--be33d11d-17a5-5b7f-94f2-2f09dd19c55a
Feed Name: DoublePulsar
A malicious ZIP masquerading as ESET-distributed content contained setup.exe, a destructive wiper that irrecoverably destroys infected hosts. Targeting appears focused on Israeli cybersecurity organizations, and the lure used ESET branding, likely via a compromised store or email. The analyst provides multiple file hashes and a YARA rule, notes the ESET detection Win32/Agent.AGFH, and raises links to Iran-associated operations (Handala/CyberToufan) based on shared artifacts and political messaging.
