MD5 checksums are used to ensure that downloaded files have been transferred correctly and are free of errors. However, they do not confirm the origin of the file. To verify the authenticity of a file, you need to determine if it actually comes from the project developers or if it has been altered. This is where MD5 files are crucial.
Every downloadable package has an accompanying MD5 file. When you download a file, make sure to also download its corresponding MD5 file by clicking on the "MD5" link next to it on the download page. For instance, to verify the file electrum-dash-4.1.7.5.exe, you will need the MD5 file electrum-dash-4.1.7.5.exe.md5.
Open a terminal (on Linux/macOS) or Command Prompt (on Windows) and navigate to the directory where the downloaded file is located.
md5sum electrum-dash-4.1.7.5.exe
certutil -hashfile electrum-dash-4.1.7.5.exe MD5
You will see a string of characters, which represents the MD5 checksum of the file.
Compare the MD5 checksum you generated with the one provided in the MD5 file. If they match, the file has not been altered.
To confirm the integrity of the downloaded file, compare its MD5 checksum with the checksum in the provided MD5 file. If they match, the file is intact and has not been tampered with.