The source code for the Carbanak banking malware has been sitting on VirusTotal scanning platform, available for any researcher that recognized it. The malware strain serves mainly remote access purposes but it can also record videos of the computer screen and send them to the attacker. FireEye researchers at FireEye found it packed into two RAR archives (kb3r1p.rar and apwmie.rar) Uncompressed, one weighs about 15MB and has 879 files, and the other is about 6MB with 24 files.
Source: https://www.bleepingcomputer.com/news/security/source-code-for-carbanak-backdoor-shared-with-larger-infosec-community/