Iran's computer emergency response team (http://certcc.ir/index.php?name=news&file=article&sid=2293) is reporting new malware targeting computers in the country that is wiping data from partitions D through I (https://threatpost.com/en_us/blogs/iran-cert-reports-new-data-wiping-malware-121712). It is set to launch on only particular dates. 'Clearly, the attacker was trying to think ahead. After trying to delete all the files on a particular partition the malware runs chkdsk on said partition. I assume the attacker is trying to make the loss of all files look like a software or hardware failure (http://www.securelist.com/en/blog/208194052/GrooveMonitor_Another_Wiper_Copycat). Next to these BAT2EXE files there's also a 16-bit SLEEP file, which is not malicious. 16-bit files don't actually run on 64-bit versions of Windows. This immediately gives away the malware's presence on a x64 machine.' While there has been other data-wiping malware targeting Iran and other Middle East countries such as Wiper and Shamoon, researchers said there is no immediate connection.

http://it.slashdot.org/story/12/12/18/2134253/new-malware-wiping-data-on-computers-in-iran