Pulse Detail — Threat Intelligence

PULSE NAME

LBIOC-20260071 - The Gentlemens Leak

WHITE The Gentlemen AlienVault 2026-05-13 Modified: 2026-05-13

IOCs

HIGH VOLUME

The Gentlemen is an active ransomware and extortion operation that emerged publicly in the second half of 2025, rapidly escalating into a high-volume threat actor. The group appears to be a continuation or reorganization of prior ransomware affiliate activity, with reported connections to the Qilin ecosystem and the Russian-speaking actor 'hastalamuerte.' This growth likely reflects existing ransomware experience, affiliate relationships, and access to established resources. Underground sources indicate attempts to sell data allegedly connected to The Gentlemen ransomware activity, though the available information lacks sufficient victim-specific or technical details to confirm authenticity. The operation utilizes SystemBC for command and control communications and deploys ransomware variants targeting both Windows and Linux systems.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1047 T1489 T1082 T1071 T1016 T1090 T1059 T1083 T1049 T1497 T1204 T1057 T1027 T1486 T1573 T1569 T1018 T1105 T1490 T1529

MALWARE FAMILIES

The Gentlemen SystemBC KillAV PowerRun

Indicators of Compromise (70)

All IPv4 FileHash-MD5 FileHash-SHA1 FileHash-SHA256

TYPE	INDICATOR	DESCRIPTION	CREATED
IPv4	45.86.230.112	—	2026-05-13
FileHash-MD5	f4ae5b89db5a6a36dbd98287ab7c860a	—	2026-05-13
FileHash-SHA1	36d968425629b10f38be17787f8afe4b8afa131e	—	2026-05-13
FileHash-SHA256	992c951f4af57ca7cd8396f5ed69c2199fd6fd4ae5e93726da3e198e78bec0a5	—	2026-05-13
FileHash-MD5	05e9d6d239ea29f0427b02a9bc903be7	—	2026-05-13
FileHash-MD5	0a454a07e071971832985701bc6e9164	—	2026-05-13
FileHash-MD5	0b33a1a23b044beb5c9a63aafd35595c	—	2026-05-13
FileHash-MD5	0f9cd505df07e4ebfff3fe61b689e527	—	2026-05-13
FileHash-MD5	1cc9ae55b1856e4e9796c73f94c2e683	—	2026-05-13
FileHash-MD5	1e0f4cd09aa4464179933769b5009251	—	2026-05-13
FileHash-MD5	30b49ae2f685d4403d3013410f80c2e2	—	2026-05-13
FileHash-MD5	3b46a729db7ae6af8b19711c9452194d	—	2026-05-13
FileHash-MD5	408dd6ade80f2ebbc2e5470a1fb506f1	—	2026-05-13
FileHash-MD5	4200b46a93c6ab059e2b34ce200c4a5b	—	2026-05-13
FileHash-MD5	4609cbac6772a6c61fcf2745cd3b4362	—	2026-05-13
FileHash-MD5	5f5bf7fc7a9ac89ce0bbb07bd1160078	—	2026-05-13
FileHash-MD5	6ae7c9a7ea0b8c40a64225734f6bd01d	—	2026-05-13
FileHash-MD5	7a89b347beb55f63dbcbcfc0beedbe43	—	2026-05-13
FileHash-MD5	7b885b446bbd9b450146c88f84c64f30	—	2026-05-13
FileHash-MD5	7f11809925adc6657e84165fdf780816	—	2026-05-13
FileHash-MD5	a2a13b8da7370f5f4753d81c7958dfcb	—	2026-05-13
FileHash-MD5	a88daa62751c212b7579a57f1f4ae8f8	—	2026-05-13
FileHash-MD5	de1a114a2c5552387a1bbb61501bf129	—	2026-05-13
FileHash-MD5	ed18c524e930cd1c34614f7cc3051dfc	—	2026-05-13
FileHash-MD5	ffb6011e7c82355046988166dd896930	—	2026-05-13
FileHash-SHA1	00ff099e3cf7b548a7a0260cde8ac2f24a746da2	—	2026-05-13
FileHash-SHA1	124b943f6e82135b4d680df111ce121a200606dc	—	2026-05-13
FileHash-SHA1	143cb70aede3ba09ae54e1da55c69f0129991f48	—	2026-05-13
FileHash-SHA1	23a468d7277902384875d4167a81164bc2bf6e72	—	2026-05-13
FileHash-SHA1	42bcc743c71a9ea083c1c750a398110582796762	—	2026-05-13
FileHash-SHA1	5264a94271d875675336a503c94ece0baceb58c5	—	2026-05-13
FileHash-SHA1	54a207ed34d83d1f71d34d4ad538e8221ffba259	—	2026-05-13
FileHash-SHA1	5aea74bf3e70f38eb596f8002b3c02514daee4f0	—	2026-05-13
FileHash-SHA1	5d4ae46c14371e20d99b42cc0a683f8d5ec326ad	—	2026-05-13
FileHash-SHA1	68225c5613afe2174ed46e074147676b0f9a3915	—	2026-05-13
FileHash-SHA1	716e39bbc93fd4b394d9e6ef7c29aef1adc7dcb5	—	2026-05-13
FileHash-SHA1	83c6c1bb37c9071e569aa4b247e54ab763bbf5da	—	2026-05-13
FileHash-SHA1	8468cb5888fb383d25f9144c2b2f61c414cea3f8	—	2026-05-13
FileHash-SHA1	af4066ca0ae65ac63de6af60f46a9b23bb6dbfee	—	2026-05-13
FileHash-SHA1	bd79aec521aa9f0cec374d57692b540b7b5a6ea8	—	2026-05-13
FileHash-SHA1	c0979ec20b87084317d1bfa50405f7149c3b5c5f	—	2026-05-13
FileHash-SHA1	d6aaed67606d6dab0f652c755d3d363025f60adb	—	2026-05-13
FileHash-SHA1	d875d7e99f45c87e667dbebb8d8596182bdb94df	—	2026-05-13
FileHash-SHA1	e00293ce0eb534874efd615ae590cf6aa3858ba4	—	2026-05-13
FileHash-SHA1	ebddc99a00bd7a5dcaf7b73349309d970e5c69b8	—	2026-05-13
FileHash-SHA1	ef4b60f8162dfe20cb96dcae865a912e52459bb5	—	2026-05-13
FileHash-SHA256	025fc0976c548fb5a880c83ea3eb21a5f23c5d53c4e51e862bb893c11adf712a	—	2026-05-13
FileHash-SHA256	2ed9494e9b7b68415b4eb151c922c82c0191294d0aa443dd2cb5133e6bfe3d5d	—	2026-05-13
FileHash-SHA256	3ab9575225e00a83a4ac2b534da5a710bdcf6eb72884944c437b5fbe5c5c9235	—	2026-05-13
FileHash-SHA256	48d9b2ce4fcd6854a3164ce395d7140014e0b58b77680623f3e4ca22d3a6e7fd	—	2026-05-13
FileHash-SHA256	4c82fbafef9bab484a2fbe23e4ec8aac06e8e296d6c9e496f4a589f97fd4ab71	—	2026-05-13
FileHash-SHA256	5dc607c8990841139768884b1b43e1403496d5a458788a1937be139594f01dca	—	2026-05-13
FileHash-SHA256	62c2c24937d67fdeb43f2c9690ab10e8bb90713af46945048db9a94a465ffcb8	—	2026-05-13
FileHash-SHA256	7a311b584497e8133cd85950fec6132904dd5b02388a9feed3f5e057fb891d09	—	2026-05-13
FileHash-SHA256	860a6177b055a2f5aa61470d17ec3c69da24f1cdf0a782237055cba431158923	—	2026-05-13
FileHash-SHA256	87d25d0e5880b3b5cd30106853cbfc6ef1ad38966b30d9bd5b99df46098e546c	—	2026-05-13
FileHash-SHA256	8c87134c1b45e990e9568f0a3899b0076f94be16d3c40fa824ac1e6c6ee892db	—	2026-05-13
FileHash-SHA256	91415e0b9fe4e7cbe43ec0558a7adf89423de30d22b00b985c2e4b97e75076b1	—	2026-05-13
FileHash-SHA256	994d6d1edb57f945f4284cc0163ec998861c7496d85f6d45c08657c9727186e3	—	2026-05-13
FileHash-SHA256	9f61ff4deb8afced8b1ecdc8787a134c63bde632b18293fbfc94a91749e3e454	—	2026-05-13
FileHash-SHA256	a7a19cab7aab606f833fa8225bc94ec9570a6666660b02cc41a63fe39ea8b0ad	—	2026-05-13
FileHash-SHA256	b67958afc982cafbe1c3f114b444d7f4c91a88a3e7a86f89ab8795ac2110d1e6	—	2026-05-13
FileHash-SHA256	c46b5a18ab3fb5fd1c5c8288a41c75bf0170c10b5e829af89370a12c86dd10f8	—	2026-05-13
FileHash-SHA256	c7f7b5a6e7d93221344e6368c7ab4abf93e162f7567e1a7bcb8786cb8a183a73	—	2026-05-13
FileHash-SHA256	ec368ae0b4369b6ef0da244774995c819c63cffb7fd2132379963b9c1640ccd2	—	2026-05-13
FileHash-SHA256	efaf8e7422ffd09c7f03f1a5b4e5c2cc32b05334c18d1ccb9673667f8f43108f	—	2026-05-13
FileHash-SHA256	f736be55193c77af346dbe905e25f6a1dee3ec1aedca8989ad2088e4f6576b12	—	2026-05-13
FileHash-SHA256	fc75ed2159e0c8274076e46a37671cfb8d677af9f586224da1713df89490a958	—	2026-05-13
FileHash-SHA256	fe1033335a045c696c900d435119d210361966e2fb5cd1ba3382608cfa2c8e68	—	2026-05-13
IPv4	91.107.247.163	—	2026-05-13