Lime-worm-0.5.8d.rar · Deluxe & Quick
: 151545B2302C1E441EB64ED5C65B05EDB6E100B2CBB6F5CD648C6088215407C1
Detection Tags: revengerat, rat, evasion, wmi-base64.
: It often includes modules for cryptocurrency stealing (e.g., Bitcoin grabbers) and Monero mining.
Technical Indicators
According to sandbox analyses from platforms like ANY.RUN, common indicators for this specific version include:
: 3680ADC647FEC6F6B864FE5F4D4BFF80 Lime-Worm-0.5.8D.rar
: It can autonomously spread through USB drives and network vulnerabilities.
: It encrypts private user data using AES-256 and appends the .Lime extension to files. It typically demands a ransom of roughly $100 in Bitcoin.
Lime-Worm is designed with a client-server architecture, allowing an attacker to manage infected systems remotely. Key features identified in forensic reports include:
: Attackers can monitor screens via Remote Desktop, run files, restart or shut down the machine, and steal passwords.
The malware is written in and frequently uses obfuscation and Base64-encoded strings to hide its Command and Control (C2) addresses, which are sometimes hosted on services like Pastebin.