Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 25, 2025, 11:40 AMSSLBL: Malicious SSL certificate detected (DCRat C&C)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (DCRat C&C)"; tls_cert_fingerprint; content:"8e:37:e3:3d:de:fe:de:5d:de:d9:4a:52:e6:ed:b1:a8:4a:ed:f1:4c"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/8e37e33ddefede5dded94a52e6edb1a84aedf14c/; sid:903204819; rev:1;)
Jun 25, 2025, 11:40 AM
Jun 25, 2025, 11:40 AM
Jul 17, 2025, 2:34 PM
Jul 17, 2025, 2:34 PM
sslblacklist_tls_cert.rules