Expecting a complete malware analysis from maintainers is a tad too much. Their goal is to notify users as soon as possible, even if no other information about the malware is available.

Also, an attacker may leave no traces by simply dumping the payload to /tmp.