Rule History

SID: 903207303 • Source: abuse.ch/sslbl-blacklist

Versions (3)

Version Details (Current)

Rev: 1 • Jun 25, 2025, 11:40 AM

SSLBL: Malicious SSL certificate detected (ResolverRAT C&C)

alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (ResolverRAT C&C)"; tls_cert_fingerprint; content:"90:9c:6a:77:5e:6c:81:c3:83:9c:fd:55:3d:96:67:f7:20:4f:81:25"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/909c6a775e6c81c3839cfd553d9667f7204f8125/; sid:903207303; rev:1;)

Jun 25, 2025, 11:40 AM

Jun 25, 2025, 11:40 AM

Jul 17, 2025, 2:34 PM

Jul 17, 2025, 2:34 PM

sslblacklist_tls_cert.rules