PULSE NAME
UDPGangster Campaigns Target Multiple Countries
WHITE PetrP.73 2025-12-06 Modified: 2026-01-05
17 IOCs
MEDIUM VOLUME
The UDPGangster campaigns reveal the use of advanced delivery methods and sophisticated evasion techniques associated with the MuddyWater threat actor group. These campaigns primarily use macro-based delivery mechanisms, with the macros often embedded in documents to initiate the attack. The phishing emails impersonate credible sources such as the Turkish Republic of Northern Cyprus Ministry of Foreign Affairs. Recipients are lured to an online seminar on "Presidential Elections and Results," and the emails carry attachments named seminer.doc and seminer.zip. The sender's address is crafted to closely resemble an official communication, and the content is written in formal Turkish to lend authenticity.
Indicators of Compromise (1 / 17 total)
TYPE | INDICATOR | DESCRIPTION | CREATED
FileHash-SHA1 | 7bb0d162bbaa462c516502d1db56818d24ad825f | SHA1 of 7ea4b307e84c8b32c0220eca13155a4cf66617241f96b8af26ce2db8115e3d53 | 2025-12-06