A file’s hash value is a signature for that file that uniquely identifies it. If a file’s contents change, its hash value will also change. You can use the hash value of a file to know whether it has been modified or altered. You can also cross-check the hashes of a suspicious file online to see if it’s a malicious file. Windows 7 does not have any native way to show or calculate a file’s hashes. But you can use the freeware HashTab tool to add a File Hashes tab in the file properties dialog.
After installing HashTab in Windows, all you have to do is right-click on any file and choose Properties from the context-menu. In the File Properties dialog, you would see an extra tab File Hashes which shows the that file’s hash values using multiple hashing algorithms. By default, it shows the hashes using CRC32, MD5 and SHA-1 functions.
If you want to customize which hash functions should be used to calculate the file hashes, then you can click on the little Settings link shown in the tab. In the HashTab Settings window, you can choose from over 14 different hash functions like MD2, MD3, MD5, SHA256, SHA512, Adler32, RIPEMD-256 and more. You can also choose to show the hashes in uppercase letters or lowercase letters.
Are wondering how you can use a file’s hash value to find out if it’s a malicious file? Its easy. First of all open the file properties dialog for a file you want to check. Select the File Hashes tab, right-click on the SHA-1 hash and choose to Copy it. Now visit the VirusTotal site in your browser, paste the hash value you copied in the search field and click on the Search It button. The VirusTotal site would immediately show you a list of scan results indicating if that file is malicious or not.