Environment
Cb Defense: All versions
Cb Protection: All Versions
Microsoft Windows: Server 2008/Vista (NT 6.0) and above
Mac OS: OS X 10.0 and above
Objective
This document describes how to get a SHA256 hash of an application or a file on Windows and MacOS. A hash is a result of a calculation of a hashing algorithm performed against a file identifies the contents of a file or application. Hashes are commonly used to verify that an application or file was created by the publisher. A typical use case would be if someone sends you a file with a hash attached to it, you should check that hash against the file you received to verify it's the exact same file. If the hashes of the same type (in this case, SHA 256) do not match, the file or application is not the same and should not be trusted. Another use case would be if you needed to check the reputation of a file to see if it was reported as malicious using reputation checking services (like VT), you can get the hash of a file and do a lookup.
Steps for Windows - Powershell
Open Windows Powershell Enter the following command (replace <path/to/file> with the absolute path of the file or application you want to get the hash from):
Get-FileHash <PATH\OF\FILE\> -Algorithm SHA256 |
Example (command is highlighted and hash returned is shown as indicated by the arrow):

Steps for Windows - Command Prompt
Open the windows command line. Enter the following command (replace <path/to/file> with the absolute path of the file or application you want to get the hash from):
certutil -hashfile <path/to/file> SHA256 |
Example (command is highlighted and hash returned is shown as indicated by the arrow):

Steps for Mac OS X
Open a terminal window Enter the following command (replace <path/to/file> with the absolute path of the file or application you want to get the hash from):
shasum -a 256 <PATH\OF\FILE> |
Example( command is highlighted and hash returned is shown as indicated by the arrow):

Related Content
Cb Defense: What to do if a common app has NOT_LISTED reputation
Cb Defense: Difference in whitelisting by hash versus Certs or IT Tools
Cb Defense: How to whitelist or blacklist a hash