SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)

SID: 903208843Rev: 10 views

Sourceabuse.ch/sslbl-blacklist

CreatedFebruary 5, 2026

UpdatedFebruary 5, 2026

alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)"; tls_cert_fingerprint; content:"1e:a8:ec:48:d9:f0:b8:87:3d:b6:2c:eb:0d:56:bc:89:bd:5b:32:6e"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/1ea8ec48d9f0b8873db62ceb0d56bc89bd5b326e/; sid:903208843; rev:1;)

References

url	sslbl.abuse.ch/ssl-certificates/sha1/1ea8ec48d9f0b8873db62ceb0d56bc89bd5b326e/

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!