SDelete

SDelete is an application that securely deletes data in a way that makes it unrecoverable. It is part of the Microsoft Sysinternals suite of tools. [1]

ID: S0195
Type: TOOL
Platforms: Windows
Version: 1.2
Created: 18 April 2018
Last Modified: 12 August 2020

Techniques Used

Domain ID Name Use
Enterprise T1485 Data Destruction

SDelete deletes data in a way that makes it unrecoverable.[1]

Enterprise T1070 .004 Indicator Removal on Host: File Deletion

SDelete deletes data in a way that makes it unrecoverable.[1]

Groups That Use This Software

ID Name References
G0053 FIN5

[2]

G0080 Cobalt Group

[3]

G0016 APT29

[4]

G0091 Silence

[5]

References