There was another article posted that pointed to the DoD-assigned IP of (something like) "30.40.50.60" that was referenced in one of the files. I'm fairly certain that was just a coincidence.
However, I did find that one of the autogenerated shellcodes for EXTRABACON contained this DoD-assigned IP: 155.222.211.8 (http://whois.domaintools.com/155.222.211.8). The OrgName is "DoD Network Information Center". This appears to be run by DISA which is also headquartered at Ft. Meade.
I do appreciate your sleuthing, but the cidrs used by the government are public, and including them in files like this is trivial and ultimately means nothing for attribution.
However, I did find that one of the autogenerated shellcodes for EXTRABACON contained this DoD-assigned IP: 155.222.211.8 (http://whois.domaintools.com/155.222.211.8). The OrgName is "DoD Network Information Center". This appears to be run by DISA which is also headquartered at Ft. Meade.