I am a stickler when it comes to security these days, so when something says to download a file, unless it has a hash with it, I don’t download it. The other day I was downloading an updated ISO of Ubuntu Server 18.04.02 LTS. It had a hash with it and I wanted to check the file to make sure it was not corrupted in any way. I searched around on the internet for a bit and found this utility. CertUtil! I am really happy I found it because it makes things so much easier. Make sure to open the command prompt as administrator and type this at the command line:
certUtil -hashfile pathToFileToCheck [HashAlgorithm]
Make sure that the Hashing algorithm is capitalized as well. It will spit out a hash of the file and then you can compare it to the hash that was given to you on the website you downloaded it from.