SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)
Sourcesslbl/ssl-fp-blacklist
CreatedSeptember 15, 2025
UpdatedSeptember 15, 2025
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)"; tls_cert_fingerprint; content:"f3:24:ec:25:0d:c9:35:23:03:f4:d8:ec:8a:52:24:b7:c4:de:90:8d"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/f324ec250dc9352303f4d8ec8a5224b7c4de908d/; sid:903207994; rev:1;)
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!