Flowmon ADS BPATTERNS Description

EmailCampaignThreats - description

  • Last Updated: May 1, 2026

Sources:

MuddyWater campaign using PowerShell-based PRB backdoor

Spam campaign using IQY and PowerShell to infect Japanese users with Bebloh and Ursnif

Brazilian malware leveraging legitimate Windows components WMI and Certutil

Targeted attack using AutoHotkey and malicious scripts in Excel files

TA505 group distributing ServHelper and FlawedAmmyy malware

HeatStroke campaign stealing PayPal and credit card information through multistage phishing

Spam campaign abusing PHP functions for persistence and using compromised devices

These threats arrive as email attachments, primarily as malicious Word documents containing macros that infect the victim's computer. Infection occurs when users choose to read the document in unprotected mode. Threats can also come as executable (.exe) files downloaded in .zip archives from malicious links included in emails.

Flowmon ADS detects communication with command and control (C&C) servers and the downloading of these threats.

Email campaign threats detection in Flowmon ADS