Microsoft security researchers analyze suspicious files to determine if they are threats, unwanted applications, or normal files. Submit files you think are malware or files that you believe have been incorrectly classified as malware. For more information, read the submission guidelines.
You are signed in with a account, however you have chosen to submit as a . Choose a different option or sign in with a account
Submit file as a
Microsoft Defender Response Portal
This portal is for internal use by Microsoft employees to report detection concerns to Microsoft Defender Research
Submit a file internally
Submit files so our analysts can check them for malicious characteristics. Provide the specific files that need to be analyzed and as much background information as possible.SUBMIT A FILE
Escalate to WD Response
WD Response serves as the primary contact point to our malware analysts. Submit your files through regular channels before contacting WD Response for special requests or submission follow-ups.CONTACT WD RESPONSE
Attack Surface Reduction
Report issues with undetected suspicious activities or activities that have been incorrectly detected (false positives).ATTACK SURFACE REDUCTION
Report issues with the detection and blocking of URLs and IP addresses.NETWORK PROTECTION
View your submissions
Track the results of your submissions. You can view detailed detection information of all the files you have submitted as well as the determination provided by our analysts.SUBMISSION HISTORY
Search file hash
Enter a file hash Sha1, Sha256 or Md5 format to view the file details including scan results.
Enter a valid SHA 1/256 or MD5
File with the entered Hash was not found
Specify the file and provide information that will help us to efficiently handle your case.
Required fields are marked with an asterisk (*).
Specify valid email addresses, separating each with a semicolon
Grant other members of your organization access to submission details
Select a Microsoft security product
Specify the company name
Specify a valid customer email address
Select the number of affected devices
Specify a valid Software Assurance ID
Specify a valid admin email address for SAID
SAID validated. Make high priority submissions only when dealing with active malware or incorrect detections that require immediate attention
Invalid SAID. The specified SAID could not be validated. All submissions are given regular priority
Problems validating SAID. Could not connect to the validation service. Please try again later
Select the file to submit
The selected file is too large ()
The selected file is empty
Select a date between 30 days and 5 years from now
Specify a detection name
Specify additional information
Was this file found in the Microsoft corporate network?
Customer email address
Number of affected devices
Software Assurance ID
What do you believe this file is?