Computing the hash of a sample

Without delving into the intricacies of hashing, a hash is essentially a short and unique string signature. For example, we may hash the sequence of bytes of a file to obtain an essentially unique code for that file. This allows us to quickly compare two files to see whether they are identical.

There exist many hash procedures out there, so we will focus on the most important ones, namely, SHA256 and MD5. Note that MD5 is known to exhibit vulnerabilities due to hash collisions—instances where two different objects have the same hash and, therefore, should be used with caution. In this recipe, we take an executable file and compute its MD5 and SHA256 hashes.