Versions (5)
Version DetailsCurrent
Rev: 11 • Jul 30, 2010, 12:00 PMET MALWARE Win32/Sisron/BackDoor.Cybergate.1 Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Sisron/BackDoor.Cybergate.1 Checkin"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/index.php?action=add&a="; fast_pattern; content:"&c="; distance:0; content:"&u="; distance:0; content:"&l="; distance:0; content:"&p="; distance:0; http.host; content:!"whos.amung.us"; classtype:command-and-control; sid:2009458; rev:11; metadata:created_at 2010_07_30, malware_family Win32_Sisron_BackDoor_Cybergate_1, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_11_02;)
Jul 30, 2010, 12:00 PM
Nov 2, 2020, 12:00 PM
Jul 30, 2010, 12:00 PM
Dec 11, 2025, 10:34 PM
rules/emerging-malware.rules