Home » Software Security Blog » How to Check an MD5 Checksum
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Discover one of the most effective ways to check the integrity of signed executables downloaded from the internet. Learn how to check MD5 checksums and protect your device from harmful downloads

Infected executables are one of the most common malware file types chosen by attackers. These malicious files are often disguised as genuine software updates to trick you into downloading and running their harmful applications to wreak havoc on your device and cost a great deal to your organization. To give you a better idea, Sophos’ State of Ransomware 2021 report revealed that the average total cost of recovery from a ransomware attack went up from $761,106 in 2020 to $1.85 million in 2021.

sophos state of ransomware report 2021

In such a dangerous environment, checking that a downloaded file is authentic and hasn’t been modified has become crucial to the safety and security of your organization and its data.

In our first article of this series, you learned that checksums are special strings of data that can help you to truly accomplish this comparison and validation. You then learned how to check a file checksum to verify the integrity of a file. In this last article of the series, we’ll walk you through the process of generating an MD5 checksum to check the veracity of a signed executable’ signature.

Why Checking an Exe’s MD5 Checksum Matters, Even if the File Is Signed

Executables signed with a code signing certificate are already more secure than unsigned ones. However, in cybersecurity, you can never be too cautious. This is why, in addition to checking the code signing certificate, if a checksum is displayed alongside the .exe file, you should also compare it with the one you’ll generate after the download to check if they match.

How to Check MD5 Checksum of a Signed Executable in 5 Easy Steps

Even if you can always use a third-party software to generate MD5 checksums, using Window’s command prompt will avoid you the hassle of installing yet another specific tool. This process is easy, fast, and works like a charm.

1. Download the Signed Executable

To show you how to check the MD5 of a signed downloaded executable file, we’ll download the last version of KeePass installer for Windows. KeePass is a well-known free and open source password manager.

keepass downloads page
Image Source: KeePass Downloads Page

At the bottom of the download page, there’s a link that takes you to the signature and checksum details info that you’ll need in order to verify the executable’s integrity.

keepass integrity page
Image Source: KeePass’s Integrity page

2. Open the Windows Command Prompt Tool

  • Now that you have all the information, open the Window’s command prompt by clicking the Start button.
  • Type cmd in the run bar.
  • Select the Run as Administrator
cmd run as administrator

3. Navigate to the Directory Where You Saved the .Exe

  • Use the cd (change directory) command to go to the folder where the downloaded KeePass-2.50-Setup.exe is saved.
cmd navigate right directory

4. Generate the MD5 Checksum Using the CertUtil Command

  • Type certUtil -hashfile followed by the filename (in this case, KeePass-2.50-Setup.exe) and MD5. It would look like this: certUtil -hashfile KeePass-2.50-Stepup.exe MD5.
  • Press Enter.

This will generate the following checksum:

how to generate md4 checksum

5. Compare the Two Checksums

Check that the returned value of the checksum you generated matches with the original MD5 checksum displayed on the download webpage. If they match, the .exe has not been modified and you can install your KeePass without issues. If they don’t, there’s something wrong and you should be careful. The file may be infected, or something may have downloaded incorrectly. Regardless of the reason, you shouldn’t trust the file.

Let’s take a quick look at the two checksums for comparison:

the generated checksum
the keepass 2 50 setup exe original checksum
Image caption: The KeePass-2.50-Setup.exe original checksum from KeePass’s official Integrity page.

How to Generate an MD5 Checksum Using Windows PowerShell

To make it even easier, if you have Windows 8.1 or Windows 10, you can also use PowerShell to generate your checksum as described below:

1. Download the Signed Executable

Let’s take the same .exe file as an example.

keepass downloads page
Image Source: KeePass Downloads Page

2. Open a PowerShell Window

  • In Windows 10, click on the search icon near the Start
  • Type powershell.
  • Select Run as Administrator.
how to open a powershell window in windows 10
Image Source: How to open a PowerShell window in Windows 10.

3. Generate the MD5 Checksum Using the Get-FileHash Command

  • Type Get-FileHash followed by the path where the downloaded .exe is located (which should start with a period) and –Algorithm MD5. The command will look like this: Get-FileHash .\Downloads\KeePass-2.50-Setup.exe –Algorithm MD5.
  • Press Enter.

This will generate the checksum.

how to generate the checksum in PowerShell

4. Compare the Two Checksums

Now you’re ready to compare the generated MD5 checksum with the original one to ensure they match:

screenshot of the generated checksum
keepass integrity page
Image Source: KeePass’s original checksum from the Integrity page.

There we go — no sweat! You’ve learned two easy ways to generate an MD5 checksum of an executable with minimal effort.

Final Thoughts on How to Check an MD5 Checksum

I hope these three articles on checksums helped you to learn a new method to protect you and your organization from malware and installation errors. While organizations have already implemented good security practices, attackers continuously develop new ways to infiltrate genuine files with malicious codes.

Even if there’s no silver bullet in IT security, understanding how to protect your devices and data at the fullest extent and with the right tools can make a difference. Including checksums in your security best practices is a way to perform a more in-depth security check, helping you and your organization to mitigate risks and stay ahead of downloading threats.

Don’t take unnecessary risks — leverage the power of checksums to keep your organization and its data secure!