SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)

SID: 903207538Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedSeptember 15, 2025
UpdatedSeptember 15, 2025
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)"; tls_cert_fingerprint; content:"a0:82:42:d2:4a:20:4e:d8:46:12:0a:f8:f2:c5:2e:05:83:4f:a9:67"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/a08242d24a204ed846120af8f2c52e05834fa967/; sid:903207538; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/a08242d24a204ed846120af8f2c52e05834fa967/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!