SSLBL: Malicious SSL certificate detected (IcedID C&C)

SID: 903203283Rev: 10 views
History
Sourceabuse.ch/sslbl-blacklist
CreatedJune 25, 2025
UpdatedJune 25, 2025
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (IcedID C&C)"; tls_cert_fingerprint; content:"da:15:d5:5a:f3:86:46:99:36:1f:8e:af:83:a0:cb:c2:4b:76:44:59"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/da15d55af3864699361f8eaf83a0cbc24b764459/; sid:903203283; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/da15d55af3864699361f8eaf83a0cbc24b764459/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!