Arbor ASERT arbor-asert

## kardon_loader.yara
rule kardon_loader
{
	meta:
		author = "TJ Nel"
    		company = "Arbor Networks"
		date = "2017-06-10"
		description = "Yara signature for Kardon Loader"
		filetype = "exe"
		sha256_0 = "fd0dfb173aff74429c6fed55608ee99a24e28f64ae600945e15bf5fce6406aee"
		sha256_1 = "3c64d7dbef4b7e0dd81a5076172451334fe9669800c40c895567226f7cb7cdc7"

## win_flusihoc.yara
rule flusihoc
{
	meta:
		author = "tnel"
    		company = "Arbor Networks"
		date = "2017-07-06"
		description = "Chinese DDoS Bot related to Expleror"
		filetype = "exe"
		md50 = "7c04cef7061ecff84f50fbfa4f568611"
		md51 = "a81d8ed447170b930e89e482781393f6"
	rule kardon_loader
	{
	meta:
	author = "TJ Nel"
	company = "Arbor Networks"
	date = "2017-06-10"
	description = "Yara signature for Kardon Loader"
	filetype = "exe"
	sha256_0 = "fd0dfb173aff74429c6fed55608ee99a24e28f64ae600945e15bf5fce6406aee"
	sha256_1 = "3c64d7dbef4b7e0dd81a5076172451334fe9669800c40c895567226f7cb7cdc7"
	rule flusihoc
	{
	meta:
	author = "tnel"
	company = "Arbor Networks"
	date = "2017-07-06"
	description = "Chinese DDoS Bot related to Expleror"
	filetype = "exe"
	md50 = "7c04cef7061ecff84f50fbfa4f568611"
	md51 = "a81d8ed447170b930e89e482781393f6"