SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)

SID: 903208902Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedFebruary 9, 2026
UpdatedFebruary 9, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)"; tls_cert_fingerprint; content:"71:f4:fe:ca:db:5e:d6:28:9c:ca:27:ff:ae:dd:2e:c0:2f:44:50:e0"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/71f4fecadb5ed6289cca27ffaedd2ec02f4450e0/; sid:903208902; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/71f4fecadb5ed6289cca27ffaedd2ec02f4450e0/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!