Calculate sha256 filehash of a file

PowerShell 4+ includes a built-in Get-FileHash commandlet that does this for you.

But if you're stuck on PowerShell 2 because your corporate IT department take the "if it ain't broke don't fix it" approach to life, then this snippet will help you out

Powershell code to calculate the sha256 hash of a file

$someFilePath = "c:\temp\nimbleset.exe"
$sha256 = New-Object -TypeName System.Security.Cryptography.SHA256CryptoServiceProvider
$hash = [System.BitConverter]::ToString($sha256.ComputeHash([System.IO.File]::ReadAllBytes($someFilePath))).Replace('-','')

Or to calculate the md5 hash (often used as a checksum)

$someFilePath = "c:\temp\nimbleset.exe"
$md5 = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
$hash = [System.BitConverter]::ToString($md5.ComputeHash([System.IO.File]::ReadAllBytes($someFilePath))).Replace('-','')

Here's the Powershell 4+ equivalent (defaults to sha256)

$hash = (get-filehash "c:\temp\nimbleset.exe" | % hash)

Or for MD5...

$hash = (get-filehash "c:\temp\nimbleset.exe" -algo md5 | % hash)

Large files?

Although the above worked fine for my use case, comments from stackoverflow show how it can be done with loading the whole file at once, with the use of streams (and they also point out you need to close the stream.

$stream = [System.IO.File]::Open("$someFilePath",[System.IO.Filemode]::Open, [System.IO.FileAccess]::Read)
$hash2 = [System.BitConverter]::ToString($sha256.ComputeHash($stream)).Replace('-','')

Use the hash to check VirusTotal

And why are we doing this? To check VirusTotal....

$url = "$hash/analysis"


results matching ""

    No results matching ""