Jacob Santos

Threat Hunter, Researcher and Builder

Sr. Threat Researcher | Trend AI
17 Articles | 14 Threads | 10+ Tools | 10+ Talks
Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed
Trend AI Research Blog, Sep 2025

Ransomware, BYOVD, Defense Evasion

Gentlemen ransomware introduced a novel approach to defense evasion: rather than using a fixed BYOVD payload, the operators dynamically select and custom-patch anti-AV tools during the attack based on reconnaissance of the target's security stack. This article provides a full technical breakdown of their multi-stage infection chain, the adaptive evasion framework, encrypted C2 communication, and the Rust-based ransomware payload. Includes IOCs, MITRE ATT&CK mapping, and detection guidance.