SSLBL: Malicious SSL certificate detected (IcedID C&C)
Sourceabuse.ch/sslbl-blacklist
CreatedJune 25, 2025
UpdatedJune 25, 2025
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (IcedID C&C)"; tls_cert_fingerprint; content:"b7:81:c5:2d:5b:3a:56:6d:d0:65:91:81:ff:3d:14:84:8c:04:45:be"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/b781c52d5b3a566dd0659181ff3d14848c0445be/; sid:903202509; rev:1;)
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!