DrWeb released a news about this malware in August, they know it as 'Trojan.WPCracker.1'
And more recently ~ 1e8cd0f0f1702820c870302520bc0176.
This executable communicate with a C&C at dorblu99.net
Add admin panels:
Add module for jm(zip):
Add module for wp(zip):
Add shell jm(php):
Domains list (downloaded by the malware to know wich wordpress he should brute force):
Roman of abuse.ch have also wrote an interesting post about this threat.