Odinaff added

elements/threat-actor-tools.json

@@ -517,6 +517,11 @@
        "value": "Umbreon",
        "description": "Umbreon (sharing the same name as the Pokémon) targets Linux systems, including systems running both Intel and ARM processors, expanding the scope of this threat to include embedded devices as well.",
        "refs": ["http://blog.trendmicro.com/trendlabs-security-intelligence/pokemon-themed-umbreon-linux-rootkit-hits-x86-arm-systems/"]
+    },
+    {
+       "value": "Odinaff",
+       "description": "Odinaff is typically deployed in the first stage of an attack, to gain a foothold onto the network, providing a persistent presence and the ability to install additional tools onto the target network. These additional tools bear the hallmarks of a sophisticated attacker which has plagued the financial industry since at least 2013–Carbanak. This new wave of attacks has also used some infrastructure that has previously been used in Carbanak campaigns.",
+       "refs": ["https://www.symantec.com/connect/blogs/odinaff-new-trojan-used-high-level-financial-attacks"]
     }
   ],
   "version": 1,