Hash Identification and Verification
Hashes are fixed-length fingerprints of data. MD5 produces 32 hex characters, SHA-1 produces 40, SHA-256 produces 64. Knowing the length instantly tells you the algorithm. In security work, hashes verify file integrity, identify known malware samples, and appear in threat intelligence as indicators of compromise.
Try it now
Hash Generator
Runs in your browser, nothing leaves your device.
32 hex chars: MD5. 40 hex chars: SHA-1. 64 hex chars: SHA-256. 128 hex chars: SHA-512. Starts with $2b$ or $2a$: bcrypt. Starts with $6$: SHA-512 crypt. These length rules cover 95% of hashes you'll encounter in security work. When the format doesn't match any standard, it might be a truncated hash, a custom algorithm, or an encoded value.
Hash a suspicious file and search it on VirusTotal or other malware databases. If the SHA-256 matches a known sample, you have an immediate identification without needing to analyze the file. For incident response, compare file hashes against known-good baselines to find modified files. Always use SHA-256 for security-critical verification, as MD5 and SHA-1 have known collision attacks.
Examples
Common hash lengths
d41d8cd98f00b204e9800998ecf8427e
32 chars = MD5 (hash of empty string)
SHA-256 file hash
e3b0c44298fc1c149afbf4c8996fb924...
64 chars = SHA-256 (search on VirusTotal for malware identification)
Security context
MD5 is broken for security purposes due to collision attacks, but still useful for quick file identification. For anything where collision resistance matters (code signing, certificate verification, password storage), use SHA-256 or stronger.
Frequently asked
Not for security-critical purposes. MD5 collision attacks are practical and well-documented. Use it for non-security checksums (detecting accidental corruption) or quick file identification, but never for digital signatures, certificates, or password hashing.
Related techniques
Shannon Entropy
Use Shannon entropy to identify encrypted files, compressed data, obfuscated code, and packed malware. High entropy means hidden content.
Hex Encoding in Malware and Obfuscated Code
Decode hex-encoded strings in malware samples, obfuscated JavaScript, and network traffic. Identify file signatures by magic bytes.