Gentlemen EDR Killer Suite Combines HexKiller, ThrottleBlood, and HavocKiller
ID: 0fcb5b51-45e5-52e6-93a1-097e2f08c319
STIX ID: report--0fcb5b51-45e5-52e6-93a1-097e2f08c319
Feed Name: Cyber Press
This report analyzes the Gentlemen ransomware-as-a-service group: its operator-managed EDR-killer suite (GentleKiller) and bundled external killers, its rapid weaponization of BYOVD drivers, its global victimology driven by FortiGate misconfigurations, and its use of double extortion. It includes behavioral TTPs and multiple IoCs (file hashes and filenames) for detection and response.
