The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
ID: 3467d14c-9967-5adf-8264-bbd1de041ac1
STIX ID: report--3467d14c-9967-5adf-8264-bbd1de041ac1
Feed Name: Microsoft Security
**Executive summary:** Microsoft Threat Intelligence analyzes The Gentlemen ransomware RaaS (Storm-2697), a Go-built, Garble-obfuscated encryptor. It uses per-file ephemeral Curve25519 ECDH keys with XChaCha20, implements double extortion, aggressively disables defenses, and can self-propagate across networks via 21 lateral techniques. The report provides technical details, IOCs, detections, hunting queries, and mitigation guidance.
