SSLBL: Malicious SSL certificate detected (CobaltStrike C&C)

SID: 903208826Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedFebruary 4, 2026
UpdatedFebruary 4, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (CobaltStrike C&C)"; tls_cert_fingerprint; content:"9d:bc:f0:81:6c:41:80:48:37:bc:be:00:d3:7d:94:59:ae:5d:c0:3e"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/9dbcf0816c41804837bcbe00d37d9459ae5dc03e/; sid:903208826; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/9dbcf0816c41804837bcbe00d37d9459ae5dc03e/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!