Sagerunex (2005b7cd-94c4-5d53-bd89-0af03c7a3ee7)
Sagerunex is a malware family exclusively associated with Lotus Blossom operations, with variants existing since at least 2016. Variations of Sagerunex leverage non-traditional command and control mechanisms such as various web services.[Symantec Bilbug 2022][Cisco LotusBlossom 2025]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Sagerunex (2005b7cd-94c4-5d53-bd89-0af03c7a3ee7) | Tidal Software | Lotus Blossom (2849455a-cf39-4a9f-bd89-c2b3c1e5dd52) | Tidal Groups | 1 |