Security

3 simple ways to check a file’s hash with Windows

Why would someone want to know the hash of a file on Windows?

Software developers sometimes list the hash of a file when distributing it over the Internet to help others verify the file’s integrity.

Please see this SHA256 hash example for our GlassWire installer version 2.2.201.

The purpose of publishing the hash is to help you verify that the file you are downloading is the actual file the developer is distributing.

If the file is manipulated some way then the hash will change. For example, perhaps the file is actually malware or perhaps some other change has been made to the file to make it malicious in some way. Or maybe it’s the completely wrong file that was mistakenly uploaded to the wrong place.

How can I check a file’s hash on Windows?

One super quick and easy way to check a file is to upload the file to VirusTotal.com. VirusTotal is a free file analysis service created for the information security community. You can upload the file there and it will automatically show you the hash of the file. Then on top of this it will also show how the file is analyzed by many different antivirus engines. Please note that VirusTotal is not an antivirus, and some engines may incorrectly analyze a file as malware. This false analysis is called a false positive.

Please also note that you’ll be uploading this file to a third party server so you should not upload any files that should be kept private.

A second more private way to check a file’s hash is to open the Windows command prompt and use the certutil command for Windows.

An example of this simple command is below:

certutil -hashfile c:\Users\YourUserName\Desktop\wire.exe SHA256

This Windows command example would return the SHA256 hash of the file located at the specified path. You should update the command to show the correct path, user name, and file name for your file integrity check.

You can also use other values after SHA, such as 1 or 256, to produce the corresponding hash. With GlassWire’s example above we have chosen to use a SHA256 hash for our file.

A third easy way to find the hash of a file is to use the Windows 10 Power Shell. First open the Windows Powershell (click “Start” then type “Powershell” then click it), then use the command below checking the file “wire.exe” as an example. Of course YourUserName should be your user name, and you should use the correct path to the file you want to check.

Get-FileHash -Path c:\Users\YourUserName\Desktop\wire.exe -Algorithm SHA256.

How to use the Windows Powershell to find the file’s hash.

I hope this guide helped you easily find and verify the hash of a file on Windows!

The reason we made this guide is because we make a popular network security monitoring software for Windows called GlassWire. You can download GlassWire and try it free if you’d like.

Looking for GlassWire’s installer hash? Just click “change list” on our download page to verify the hash for every installer we have ever released.

Wikipedia also has a great page if you are looking to learn even more about file verification methods.

Discussion

Leave a Reply

Your email address will not be published. Required fields are marked *