Rule History

SID: 903203774 • Source: abuse.ch/sslbl-blacklist

Versions (3)

Version Details (Current)

Rev: 1 • Jun 25, 2025, 11:40 AM

SSLBL: Malicious SSL certificate detected (RaccoonStealer C&C)

alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (RaccoonStealer C&C)"; tls_cert_fingerprint; content:"1c:60:15:f3:dd:25:f7:2b:91:78:82:79:e0:16:6d:6e:ad:7d:2c:94"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/1c6015f3dd25f72b91788279e0166d6ead7d2c94/; sid:903203774; rev:1;)

Jun 25, 2025, 11:40 AM

Jun 25, 2025, 11:40 AM

Jul 17, 2025, 2:34 PM

Jul 17, 2025, 2:34 PM

sslblacklist_tls_cert.rules