Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 25, 2025, 11:40 AMSSLBL: Malicious SSL certificate detected (TrickBot C&C)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (TrickBot C&C)"; tls_cert_fingerprint; content:"55:44:35:b1:c4:ab:1f:24:1a:08:a7:a0:8a:18:8a:05:d3:7f:5a:74"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/554435b1c4ab1f241a08a7a08a188a05d37f5a74/; sid:903202368; rev:1;)
Jun 25, 2025, 11:40 AM
Jun 25, 2025, 11:40 AM
Jul 17, 2025, 2:34 PM
Jul 17, 2025, 2:34 PM
sslblacklist_tls_cert.rules