Delivering malware covertly and detection-evadingly is critical to advancedmalware campaigns. In this paper, we present a method that delivers malwarecovertly and detection-evadingly through neural network models. Neural networkmodels are poorly explainable and have a good generalization ability. Byembedding malware into the neurons, malware can be delivered covertly withminor or even no impact on the performance of neural networks. Meanwhile, sincethe structure of the neural network models remains unchanged, they can pass thesecurity scan of antivirus engines. Experiments show that 36.9MB of malware canbe embedded into a 178MB-AlexNet model within 1% accuracy loss, and nosuspicious are raised by antivirus engines in VirusTotal, which verifies thefeasibility of this method. With the widespread application of artificialintelligence, utilizing neural networks becomes a forwarding trend of malware.We hope this work could provide a referenceable scenario for the defense onneural network-assisted attacks.