I noticed an alert about this being in a wordpress site /tmp folder. I've moved it elsewhere for the time being, but I find no information - what IS this? and how concerned should I be. and where do I see what 'malware.blue.44' is??? thanks
This is just an internal signature name. Many malware signatures match more than one malware as they detect the way the code is hidden while the actually encrypted hidden code might differ. If it's in the /tmp folder, then you should be able to remove it safely and then check which Linux user owns this file (e.g. web5) and then you should check that the website that is hosted in web5 has all security patches installed.