Home : File Types : R5A File

.R5A File Extension

File Type7ev3n Ransomware Encrypted File

3.0 (1 Vote)
CategoryEncoded Files

What is an R5A file?

An R5A file is a file that has been encrypted by 7ev3n ransomware, which is malware distributed by cybercriminals. It contains a file, such as a .DOCX, .JPG, .PDF, or .ZIP file, that has been renamed and encrypted by the virus. R5A files can be decrypted for free using a decryption tool available on GitHub.

More Information

In 2016, some PC users reported that their computers had been infected by a new form of ransomware called 7ev3n. 7ev3n encrypts, renames, and moves a targeted variety of a user's files. It then shows the user a ransom note. The note includes instructions the user can follow to pay a ransom of 13 bitcoin and receive a private key that will allow them to decrypt their files.

Later in the year, an additional strain of 7ev3n, called 7ev3n-HONE$T, began infecting computers. 7ev3n-HONE$T asked users to pay only one bitcoin to decrypt their files, possibly because by this point, a helpful GitHub user named hasherezade had developed a free tool that could be used to decrypt R5A files.

Common R5A Filenames

1.r5a, 2.r5a, 3.r5a, etc. - The names given to files encrypted by 7ev3n ransomware. The files are numbered in the order they were encrypted.

How do I open an R5A file?

Developers and other advanced PC users may be able to recover the contents of encrypted R5A files using the R5A decrypter available in hasherezade's malware_analysis package on GitHub. The package requires Python.

Open over 300 file formats with File Viewer Plus.

Programs that open R5A files

Updated 9/21/2020

About R5A Files

Our goal is to help you understand what a file with a *.r5a suffix is and how to open it.

The 7ev3n Ransomware Encrypted file type, file format description, and Mac, Windows, and Linux programs listed on this page have been individually researched and verified by the FileInfo team. We strive for 100% accuracy and only publish information about file formats that we have tested and validated.

If you would like to suggest any additions or updates to this page, please let us know.