How to check integrity of Microsoft Supported downloads like IIS URL Rewrite 2.1?

Anonymous
2024-03-22T10:38:18+00:00

Dear all,

I want to install IIS URL Rewrite 2.1, but also to check the installer integrity beforehand, as our company policies require. I didn't find any MD5 or SHA256 checksum on the download page; how can I perform this check?

Regards,

M.


Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.


3 answers

  1. Anonymous
    2024-03-22T10:54:04+00:00

    English x64 installer: rewrite_amd64_en-US.msi

    Algorithm  Hash
    SHA256     37342FF2F585F263F34F48E9DE59EB1051D61015A8E967DBDE4075716230A32A

    English x86 installer: rewrite_x86_en-US.msi

    Algorithm  Hash
    SHA256     B8EDF7A7695751C4F15D32954E8B517D7F5EBAF554D92DEF5378FB77860C53A9

    You can use third-party sites like VirusTotal as a form of community verification. Sites like that will display a history of the checksum of the file loaded and whether any other virus software currently detects the file as malicious.

  2. Anonymous
    2024-03-22T11:09:01+00:00

    Hello Techfreak_,

    Thanks for your reply, it seems you retrieved the hash from this report.

    I see that VirusTotal is a service provided by Google. Does Microsoft endorse VirusTotal reports?

    Regards,

    M.

  3. Anonymous
    2024-03-22T12:45:22+00:00

    No, I did not receive the hash from that report. Many websites do not provide a hash for every one of their downloads. I find it strange that a company would require solely a hash to be posted on a website as the only form of file integrity confirmation. When that is not posted, alternate company procedures should be put in place that meet the requirements of the security administrator. Posted file hashes have never been a requirement for software I have validated. Where the software was downloaded from verified its validity from a security and legal standpoint. If the file were downloaded from some random site, that would question its validity, and it may not be verified even with a proper hash.

    There are 2 main reasons to confirm a download.

    1. To ensure the download was not corrupted when downloaded.
    2. To ensure the download was not corrupted by malicious software.

    When you execute the file and the file is corrupt, the file will probably not execute properly. You can always download the file from multiple locations, read the hashes, and compare them. If you get different hashes and some consistent hashes, suspect something in your Internet connection corrupted the download. The consistent file hash is probably the correct one.

    As long as you download the file from the original website-hosted link on a clean networked computer, you should assume the file to be untampered. Websites that offer mirror downloads not hosted locally tend to provide hashes as they cannot fully ensure the security of the file. I can understand these might not be trusted. However, the primary hosted download on a Microsoft website like iis.net should meet any security administrator's requirement, along with the security measures already in place in the company (i.e. scans of all downloaded software before entrance into the environment or execution).

    VirusTotal was just given as an example website that you can use as a generic third party to verify your information further. If a file with the same hash was already submitted countless times, it is probably not corrupted. If that hash comes back clean, it is probably not infected with anything.

    Once you have that hash captured you can record it in any of your security documentation to compare it against any future corruption (for that same version).

    Get-FileHash (Microsoft.PowerShell.Utility)

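The check discussed in the answers above (compute the SHA256 with Get-FileHash and compare it with a recorded value), as an added example that is not part of the original thread and is not Microsoft's code. It goes one step beyond the thread by also checking the installer's Authenticode signature with Get-AuthenticodeSignature. The function name `Test-InstallerIntegrity`, the download path and the expected publisher string are assumptions; the hash is the one posted in the first answer for rewrite_amd64_en-US.msi.

```powershell
# Added example: compare a downloaded installer with a recorded SHA256 and
# check its Authenticode signature. Function name and path are hypothetical.
function Test-InstallerIntegrity {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [ValidatePattern('^[0-9A-Fa-f]{64}$')] [string] $ExpectedSha256,
        # Assumption: the signing certificate's subject names this organization.
        [string] $ExpectedPublisher = 'Microsoft Corporation'
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Hash check: detects corruption or any change relative to the recorded value.
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $hashOk = $actual -eq $ExpectedSha256   # string -eq is case-insensitive

    # Signature check: 'Valid' means the file is unmodified since signing and
    # the certificate chains to a root trusted on this machine.
    $sig    = Get-AuthenticodeSignature -FilePath $Path
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    # Subject matching is a coarse publisher check, not a certificate pin.
    $signerOk = ($sig.Status -eq 'Valid') -and ($signer -like "*O=$ExpectedPublisher*")

    [pscustomobject]@{
        File            = (Resolve-Path -LiteralPath $Path).Path
        ActualSha256    = $actual
        HashMatches     = $hashOk
        SignatureStatus = $sig.Status
        Signer          = $signer
        SignerMatches   = $signerOk
        Passed          = $hashOk -and $signerOk
    }
}

# Hypothetical download location; hash as posted in the thread for the x64 MSI.
$result = Test-InstallerIntegrity `
    -Path 'C:\Downloads\rewrite_amd64_en-US.msi' `
    -ExpectedSha256 '37342FF2F585F263F34F48E9DE59EB1051D61015A8E967DBDE4075716230A32A'

$result | Format-List
if (-not $result.Passed) {
    throw "Integrity check failed for $($result.File); do not install."
}
```

The returned object can be exported (for example with Export-Csv) to keep the recorded hash and signer in security documentation for later comparison.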