jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » BushidoUK ToolMatrix GroupProfiles: TheGentlemen

BushidoUK ToolMatrix GroupProfiles: TheGentlemen

Report 1 min lectura bushidouk
Fecha
18 Jun 2026
Actor
bushidouk
Tipo
Report
Pais
United States
Sector
Defense
Confianza
high
70
Prioridad analitica
Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

4IOCs
0TTPs
bushidoukActor
United StatesPais
Executive Summary
Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Key Points

  • Source: GroupProfiles/TheGentlemen.md
  • BushidoUK Tool Matrix

GroupProfiles: TheGentlemen.md

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

TheGentlemen's Tools

| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |

|---|---|---|---|---|---|---|---|

| Advanced IP Scanner | AnyDesk | EDRStartupHinder | DumpBrowserSecrets | Impacket | Amnezia VPN | PsExec | WinSCP |

| API-C99-NL | FreeRDP | KslDump | KslKatz | NetExec | Chisel | | |

| Censys | MeshAgent | PowerRun | Mimikatz | PowerZure | Cloudflared | | |

| CertiHound | | RedSun | | RegPwn | OpenSSH | | |

| Gogo | | ThrottleStop driver (BYOVD) | | Responder | OpenVPN | | |

| MANSPIDER | | | | Titanis | Proxychains | | |

| Nmap | | | | Velociraptor | PuTTY | | |

| PrivHound | | | | ZeroPulse | Wireguard VPN | | |

| RelayKing-Depth | | | | | | | |

| Shodan | | | | | | | |

| SoftPerfect NetScan | | | | | | | |

| TaskHound | | | | | | | |

> [!NOTE]

> This is the list of tools that have been observed during various intrusions that lead to TheGentlemen's ransomware deployment.

#### Sources

| Date Published | Report |

|---|---|

| 15 May 2026 | https://ransom-isac.com/blog/the-gentlemen-leak-analysis/ |

| 14 May 2026 | https://www.kelacyber.com/blog/the-gentlemen-ransomware-internal-chat-leak-analysis-2026/ |

| 13 May 2026 | https://research.checkpoint.com/2026/thus-spoke-the-gentlemen/ |

| 9 September 2025 | https://www.trendmicro.com/en_us/research/25/i/unmasking-the-gentlemen-ransomware.html |

Referencias

Diamond Model

Adversary
bushidouk
Ver perfil →
Victim
BushidoUK ToolMatrix GroupProfiles: TheGentlemen
United States
Capability
Report
Infrastructure
ransom-isac.com
www.kelacyber.com
research.checkpoint.com
www.trendmicro.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

21 enlaces
Domain
research.checkpoint.com
IOC compartido
Domain
www.trendmicro.com
IOC compartido
Domain
www.kelacyber.com
IOC compartido
Domain
ransom-isac.com
IOC compartido
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
Nodo actual
BushidoUK ToolMatrix GroupProfiles: TheGentlemen
bushidouk · United States
Victima
BushidoUK ToolMatrix ThreatIntel: ExtraThreatIntel
ransom-isac.com www.kelacyber.com
IOC compartido
Victima
BushidoUK RVM Profile: TheGentlemen
research.checkpoint.com www.kelacyber.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: BlackBasta
www.trendmicro.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: DragonForce
www.trendmicro.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: Qilin
www.trendmicro.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: Warlock
www.trendmicro.com
IOC compartido
Victima
APTTrail: APT CAMARODRAGON indicators and references
research.checkpoint.com
IOC compartido
Victima
APTTrail: APT DESERTFALCON indicators and references
www.trendmicro.com
IOC compartido
Victima mismo actor
BushidoUK ToolMatrix Tools: AllTools
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: CredentialTheft
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: DefenseEvasion
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: DiscoveryEnum
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: Exfiltration
18 Jun 2026
mismo actor

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain ransom-isac.com Extraido del contenido VT OffSec SOCRadar
Domain www.kelacyber.com Extraido del contenido VT OffSec SOCRadar
Domain research.checkpoint.com Extraido del contenido VT OffSec SOCRadar
Domain www.trendmicro.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor bushidouk en el blog → Ver bushidouk en IntelTracker → Fuente OSINT: github.com→ Fuente OSINT: github.com → Buscar bushidouk en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters