.debug_info section used for attribution

0001-01-01

The .debug_info section of an ELF file contains attributes that may yield clues useful for attribution:

- DW_AT_producer - The compiler version and flags used.
- DW_AT_language - The language of the source code file (https://dwarfstd.org/languages.html).
- DW_AT_name - The path to the source code file before compilation.
- DW_AT_comp_dir - The compilation directory.

This can be viewed with objdump:

objdump --dwarf=info /path/to/file

DW_AT_name and DW_AT_comp_dir in particular may yield clues such as the malware author's home directory or a project name.
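In the objdump output, DW_AT_name also appears on every variable, type and function, so a plain grep buries the source path. The following added example (not part of the original note) keeps only the four attributes above from each DW_TAG_compile_unit entry; the function name `compile_units` and the `SAMPLE` text are constructed for illustration, and the line layout is assumed to be that of GNU objdump.

```python
import re
import subprocess
import sys

WANTED = ("DW_AT_producer", "DW_AT_language", "DW_AT_name", "DW_AT_comp_dir")
# DIE header, e.g. " <0><b>: Abbrev Number: 1 (DW_TAG_compile_unit)"
DIE_RE = re.compile(r"^\s*<\d+><[0-9a-f]+>: Abbrev Number: \d+(?: \((DW_TAG_\w+)\))?")
# Attribute line, e.g. "    <c>   DW_AT_producer    : value"
ATTR_RE = re.compile(r"^\s*<[0-9a-f]+>\s+(DW_AT_\w+)\s*:\s*(.*)$")
# Strings stored in .debug_str / .debug_line_str are printed with this prefix.
INDIRECT_RE = re.compile(r"^\(indirect (?:line )?string, offset: 0x[0-9a-f]+\): ")

def compile_units(objdump_text):
    """Return one dict of the WANTED attributes per DW_TAG_compile_unit DIE."""
    units, current = [], None
    for line in objdump_text.splitlines():
        die = DIE_RE.match(line)
        if die:
            # Only compile-unit DIEs matter; nested DIEs reuse DW_AT_name
            # for variables, types and functions, so they are skipped.
            current = {} if die.group(1) == "DW_TAG_compile_unit" else None
            if current is not None:
                units.append(current)
            continue
        attr = ATTR_RE.match(line)
        if attr and current is not None and attr.group(1) in WANTED:
            value = INDIRECT_RE.sub("", attr.group(2))
            current[attr.group(1)] = " ".join(value.split())
    return units

# Constructed sample of `objdump --dwarf=info` output (not from a real binary).
SAMPLE = """\
 <0><b>: Abbrev Number: 1 (DW_TAG_compile_unit)
    <c>   DW_AT_producer    : (indirect string, offset: 0x0): GNU C11 7.5.0 -mtune=generic -march=x86-64 -g
    <10>   DW_AT_language    : 12\t(ANSI C99)
    <11>   DW_AT_name        : (indirect string, offset: 0x2e): src/main.c
    <15>   DW_AT_comp_dir    : (indirect string, offset: 0x39): /home/exampleuser/projects/demo
 <1><2d>: Abbrev Number: 2 (DW_TAG_variable)
    <2e>   DW_AT_name        : counter
 <1><3a>: Abbrev Number: 0
"""

if __name__ == "__main__":
    text = SAMPLE
    if len(sys.argv) > 1:  # a path was given: run objdump on it instead
        text = subprocess.run(["objdump", "--dwarf=info", sys.argv[1]],
                              capture_output=True, text=True, check=True).stdout
    for unit in compile_units(text):
        print(unit)
```

Run without arguments it parses the constructed sample; given a path, it runs objdump on that file and prints one dictionary per compilation unit.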

