SSLBL: Malicious SSL certificate detected (Rhadamanthys C&C)

SID: 903208420Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedNovember 9, 2025
UpdatedNovember 9, 2025
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Rhadamanthys C&C)"; tls_cert_fingerprint; content:"ef:0e:71:6a:13:89:a2:a5:dd:75:41:9b:81:b5:2e:9d:36:f9:49:23"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/ef0e716a1389a2a5dd75419b81b52e9d36f94923/; sid:903208420; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/ef0e716a1389a2a5dd75419b81b52e9d36f94923/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!