Does hashing and encryption matter in terms of security?

I am implementing a program for storing passwords using Java. I programmed triple DES for encryption and SHA256 for hashing.

My question is whether it will make any difference if I first hash the raw data (password) and then encrypt it, or first encrypt the data (password) and then hash the encrypted data. I am concerned about whether there will be any major security changes.

thanks

+4
1 answer

In your comment, you do not want to use the hash as a message authentication code. There are hash-based MACs (respectively called HMACs) that are suitable for this application. In this case, you probably want to use HMAC-SHA256. Also keep in mind that you will need a separate key for your MAC (using the same key for encryption and MACs is a big no-no).

But as for your question, it boils down to Encrypt-then-MAC vs MAC-then-Encrypt. According to this answer on Crypto.SE, the best way to proceed is to encrypt and then MAC, provided you make sure that you MAC all of the ciphertext, including the IV and the algorithm identifier if you allow arithmetic algorithms other than 3DES. You get the integrity of ciphertext and plaintext and do not have to go through a decryption process to verify plaintext.

+2
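The Encrypt-then-MAC construction described in the answer, as an added example that is not part of the original answer: 3DES-CBC encryption, then HMAC-SHA256 under a separate key over the algorithm identifier, IV and ciphertext, with the tag checked before any decryption. The class and method names, the one-byte identifier value and the wire layout are assumptions made for this sketch.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public class EncryptThenMacDemo {
    // Assumed wire layout for this example: alg(1) || iv(8) || ciphertext || tag(32)
    static final byte ALG_3DES_CBC = 1;            // hypothetical algorithm identifier
    static final int IV_LEN = 8, TAG_LEN = 32;
    static byte[] hmac(SecretKey macKey, byte[] buf, int len) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(macKey);
        mac.update(buf, 0, len);                   // covers identifier, IV and ciphertext
        return mac.doFinal();
    }
    static byte[] seal(SecretKey encKey, SecretKey macKey, byte[] plain) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);          // fresh random IV per message
        Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        ByteBuffer b = ByteBuffer.allocate(1 + IV_LEN + ct.length + TAG_LEN);
        b.put(ALG_3DES_CBC).put(iv).put(ct);
        byte[] tag = hmac(macKey, b.array(), b.position());
        return b.put(tag).array();
    }
    static byte[] open(SecretKey encKey, SecretKey macKey, byte[] msg) throws Exception {
        int body = msg.length - TAG_LEN;
        if (body < 1 + IV_LEN || msg[0] != ALG_3DES_CBC) throw new SecurityException("malformed");
        byte[] got = Arrays.copyOfRange(msg, body, msg.length);
        if (!MessageDigest.isEqual(hmac(macKey, msg, body), got))   // constant-time compare
            throw new SecurityException("bad MAC");                 // reject before any decryption
        Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, encKey, new IvParameterSpec(msg, 1, IV_LEN));
        return c.doFinal(msg, 1 + IV_LEN, body - 1 - IV_LEN);
    }

    public static void main(String[] args) throws Exception {
        SecretKey encKey = KeyGenerator.getInstance("DESede").generateKey();
        SecretKey macKey = KeyGenerator.getInstance("HmacSHA256").generateKey(); // separate MAC key
        byte[] msg = seal(encKey, macKey, "constructed sample".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(open(encKey, macKey, msg), StandardCharsets.UTF_8));
        msg[3] ^= 1;                               // tamper with one IV bit
        try { open(encKey, macKey, msg); } catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```

Because the IV sits inside the MACed region, the flipped IV bit in `main` is rejected by `open` without the cipher ever being initialised.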

Source: https://habr.com/ru/post/1468957/

