Send us feedback
Thank you for your feedback
Microsoft security researchers analyze suspicious files to determine if they are threats, unwanted applications, or normal files. Submit files you think are malware or files that you believe have been incorrectly classified as malware. For more information, read the submission guidelines.
You are signed in with a account, however you have chosen to submit as a . Choose a different option or sign in with a account
Submit file as a
Microsoft Defender Response Portal
This portal is for internal use by Microsoft employees to report detection concerns to Microsoft Defender Research
Submit a file internally
Submit files so our analysts can check them for malicious characteristics. Provide the specific files that need to be analyzed and as much background information as possible.
SUBMIT A FILE
Escalate to WD Response
WD Response serves as the primary contact point to our malware analysts. Submit your files through regular channels before contacting WD Response for special requests or submission follow-ups.
CONTACT WD RESPONSE
Attack Surface Reduction
Report issues with undetected suspicious activities or activities that have been incorrectly detected (false positives).
ATTACK SURFACE REDUCTION
Network Protection
Report issues with the detection and blocking of URLs and IP addresses.
NETWORK PROTECTION
Submit a driver file for exploit analysis
Submit drivers for our analysts to check for malicious intent and vulnerabilities. Provide the specific files that need to be analyzed and as much background information as possible.
SUBMIT A DRIVER
View your submissions
Track the results of your submissions. You can view detailed detection information of all the files you have submitted as well as the determination provided by our analysts.
SUBMISSION HISTORY
Search file hash
Enter a file hash Sha1, Sha256 or Md5 format to view the file details including scan results.
Enter a valid SHA 1/256 or MD5
File with the entered Hash was not found
Specify the file and provide information that will help us to efficiently handle your case.
Required fields are marked with an asterisk (*).
Specify valid email addresses, separating each with a semicolon
Select a Microsoft security product
Specify the company name
Specify affected organization
Specify a valid customer email address
Select the number of affected devices
Select the file to submit
The selected file is too large ()
The selected file is empty
Select a date between 30 days and 5 years from now
Specify a detection name
Specify additional information
Company name
Was this file found in the Microsoft corporate network?
Affected organization
Customer email address
Number of affected devices
Product
Submission priority
Software Assurance ID
File
Removal date
What do you believe this file is?
Detection name
Definition version
Additional information
Unable to upload the file
Verify you are a human
Submission details will be retained for up to 30 days. For privacy information, read the Microsoft Privacy Statement.
Sign in to track your submissions
Use your Microsoft account to track the results of your submissions. You will also be able to link submissions to existing support cases, view past submissions, and rescan files.
By clicking “Accept” below, you consent to the following terms:
Any data provided by or on behalf of you to the Microsoft Security Intelligence submission portal (“MSI”) will be treated as set forth in the OST (as defined below) and this consent. Your data will be transferred from other Microsoft services into MSI and from MSI back to applicable Microsoft services. Any data submitted to MSI will constitute Support Data (as defined in the Online Service Terms ("OST")). You acknowledge that such MSI commitments may differ from the services from which that data is transferred. Further, Microsoft will store your data in MSI within the United States only.
