My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets



Added to the Dr.Web virus database: 2019-08-20

Virus description added:

Technical Information

Malicious functions:
Removes itself
Launches processes:
  • /bin/sh -c wget; chmod 777 *; ./n7 wget.echo.telnet.arm7
  • wget
  • chmod 777 n7 stdout.log
  • ./n7 wget.echo.telnet.arm7
  • /bin/sh ./n7 wget.echo.telnet.arm7
Performs operations with the file system:
Modifies file access rights:
  • /root/n7
  • /root/
Creates or modifies files:
  • /root/n7
Network activity:
HTTP GET requests:
  • 77.##.##.##6/wrgjwrgjwrg246356356356/n7
  • 77.##.##.####index.php?r=site/page&view=home

Curing recommendations


After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies