it appears not all the DNC hacking communication was going to Russia, some was going to Norway, Sweden and the EU (Italy); a server company owned by Russians.
sauce for the first is in the text of the info. I had to do a limited time search about X-agent malware to find it.
Sauce for the others is just basic searches When Symantic had fix for X-agent (early 2015)
and when X-agent first appeared in 2012 - and seems to be constantly evolving according to everyone even Kapernski.
this one is in depth analysis of the malware for computer geeks:
https://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part-2.pdf
It would take a classified data release of the servers the hacked computers phone home to to do more and then server logs of those servers to follow a trail to see where it went. And if the owner of the server is black hat they sure wouldn't give you the logs.