Interesting that you should mention this, since there was a recent publication looking at just this (thanks to Fernando Lanero for highlighting it). There’s a time limited link to the full paper on one of the author’s LinkedIn feeds:
This is a little off-the-topic of malware though (still relevant in the broader context of security, so I hope you’ll forgive me).