The downloaded file you do is not necessarily safe. It could contain malware or dangerous viruses.
Cybercriminals can now distribute their software across internet users. Many free downloads on the Internet can find on ostensibly trustworthy websites (and many trustworthy sites), as well as sites designed to trick users into installing malware.
But how can you verify if an app is safe to install or not? Because attackers can use program files (exes) to inject different malware and viruses and attack your system.
If you are in doubt about whether the file is safe, you can test the file in several safe ways. To find out more about how to test it, keep up with the following article.
How to spread malicious files
Ada three most commonly used ways malware gets into your system:
- By email: This is the most common way. This usually involves malicious attachments or links.
- Over the network: includes visits to malicious web pages or pages with malicious ads, direct network exploits (e.g. EternalBlue)
- Through portable storage: compromised CDs, USB storage, floppy disks, etc.
Never click on dubious links, download files from malicious websites, or open email attachments from unknown sources.
How to check if a file is malicious
Check the downloaded file before installing it. Checking the file for malicious or not is possible in the following ways:
- Check that Publisher is verified.
- Verify File Integrity with a Hash Value.
- Scan by using an antivirus application.
- Scan with an Online Malware Scanner
- Use the Windows Sandbox feature.
Check the App File Publisher
Always make sure that you install software from a reputable publisher. If a file is signed by Microsoft or another large company, it is safe. Install the file if it’s from a trusted publisher. Otherwise, we recommend you do not install it on your computer.
Checking the publisher of the downloaded file (*.exe) you can do this by:
- Right-click the file and select the “Properties” option.
- Then select the “Digital Signatures” tab.
Check the hash value of an application file
Many software companies publish the hash value of their program files on their official websites. If the hash value changes, the file has been changed, and it most likely contains malicious code.
You can check the hash value by using a Command Prompt using the following command:
certutil -hashfile FileName MD5
FileName: The full name of the file includes an extension (e.g.: setup.exe)
Scan Application Files with Antivirus
It will check the file if it is infected with viruses and notify you if any danger is detected. If the analysis shows that the file is malicious, you can delete it.
In Windows 11 to scan files with Microsoft Defender, you can do it by:
- Right-click the file and select the “Show more options” option.
- Then select “Scan with Microsoft Defender“.
You can also scan it using the context menu if you have third-party antivirus software installed.
Scan App Files with Online Malware Scanner
When you need a second opinion about a file that you suspect contains malware, an online Malware scanner can help. It is much better if the online scanner scans files with various antiviruses.
VirusTotal is one of the best free internet virus scanners to detect malware in files and URLs. They check and scan files for viruses using different antivirus engines.
Upload the file to VirusTotal.com. VirusTotal will perform file analysis and run files through over 25 anti-malware engines.
Keep in mind that one or two false positives usually occur in most files.
Testing Application Files with Windows Sandbox
Windows 11 has a Windows Sandbox feature that allows you to run apps in a secure environment on your PC. All run and tested files will be deleted from Windows Sandbox if you close them and will not affect your system.
Run Windows Sandbox and then drag and drop the downloaded application files into it. After that, run the application and check the result. If you see any strange activity, don’t install the file on your PC.