Symantec published an article about a group they named Longhorn whose tools match the descriptions of the Vault 7 documents leaked by Wikileaks, allegedly the CIA hacking tools arsenal. In the article, they also published the signature names of some tools of which some can be found on Virustotal.
Blogpost: https://www.symantec.com/connect/blogs/ ... ed-vault-7
https://virustotal.com/en/file/6f03586b ... /analysis/
https://virustotal.com/en/file/425bbe70 ... /analysis/
https://virustotal.com/en/file/2156adca ... /analysis/
https://virustotal.com/en/file/21f72733 ... /analysis/
https://virustotal.com/en/file/e7591998 ... /analysis/
One of the samples is detected as Duqu by Microsoft...