An installer hash is a cryptographic fingerprint of a downloaded installer, usually computed with algorithms such as SHA-256. If even one byte of the file changes, the hash changes too. That makes hashes a simple way to verify that a package has not been tampered with in transit or replaced on a download page.
In cyber security, installer hashes help defenders detect supply-chain abuse, malicious mirrors, and poisoned downloads. Before running software, users and security tools can compare the expected hash from a trusted source with the file they received. A mismatch is a warning sign that the installer may be altered, corrupted, or malicious. Hash checks work best alongside digital signatures, HTTPS, and strong control of the website or update infrastructure that publishes the download.