- Home
- Detectable Ransomware
- 7ev3n-HONE$T
Ransomware Research
7ev3n-HONE$T Ransomware
7ev3n-HONE$T is a malicious ransomware strain that encrypts victim files and demands ransom payment for decryption. First observed in the wild on April 1, 2016, this ransomware has been actively targeting systems worldwide.
Quick Facts
- Ransomware Family
- 7ev3n-HONE$T
- First Seen
- April 1, 2016
How 7ev3n-HONE$T Ransomware Works
Targeted Files
Renames files -> A18.R5A, A19.R5A .. A13.R5A
File Encryption Patterns
7ev3n-HONE$T modifies encrypted files using specific patterns to mark them as encrypted:
File extensions added after encryption:
..R5A
Ransom Note and Payment Demands
After encrypting files, 7ev3n-HONE$T displays ransom notes demanding payment for file recovery:
FILES_BACK.txt
Ransom message:
notes/FILES_BACK.txt
Note locations:
EveryFolder
Ransom message:
notes/note.txt
Note locations:
Login
Elastio Can Help You
Don't let 7ev3n-HONE$T ransomware take over your data
Elastio provides advanced ransomware protection and recovery solutions to keep your organization safe.
About This Analysis
This 7ev3n-HONE$T ransomware analysis is part of Elastio's comprehensive ransomware detection database. Elastio provides advanced ransomware protection and recovery solutions, helping organizations defend against and recover from ransomware attacks like 7ev3n-HONE$T.
Last updated: July 30, 2025