SSLBL: Malicious SSL certificate detected (CobaltStrike C&C)

SID: 903208687Rev: 12 views
Sourceabuse.ch/sslbl-blacklist
CreatedJanuary 6, 2026
UpdatedJanuary 6, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (CobaltStrike C&C)"; tls_cert_fingerprint; content:"ef:e2:13:ac:40:a0:cd:f4:19:04:81:c7:9e:ca:5e:18:3d:51:18:29"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/efe213ac40a0cdf4190481c79eca5e183d511829/; sid:903208687; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/efe213ac40a0cdf4190481c79eca5e183d511829/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!