Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 25, 2025, 11:40 AMSSLBL: Malicious SSL certificate detected (Dridex C&C)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Dridex C&C)"; tls_cert_fingerprint; content:"be:1e:0d:97:60:42:91:97:25:59:4f:46:e7:ba:91:45:a7:ab:46:f2"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/be1e0d976042919725594f46e7ba9145a7ab46f2/; sid:903200760; rev:1;)
Jun 25, 2025, 11:40 AM
Jun 25, 2025, 11:40 AM
Jul 17, 2025, 2:34 PM
Jul 17, 2025, 2:34 PM
sslblacklist_tls_cert.rules