Skip to content

Hide Navigation Hide TOC

Sagerunex (2005b7cd-94c4-5d53-bd89-0af03c7a3ee7)

Sagerunex is a malware family exclusively associated with Lotus Blossom operations, with variants existing since at least 2016. Variations of Sagerunex leverage non-traditional command and control mechanisms such as various web services.[Symantec Bilbug 2022][Cisco LotusBlossom 2025]

Cluster A Galaxy A Cluster B Galaxy B Level
Sagerunex (2005b7cd-94c4-5d53-bd89-0af03c7a3ee7) Tidal Software Lotus Blossom (2849455a-cf39-4a9f-bd89-c2b3c1e5dd52) Tidal Groups 1