As the existing malicious code detection methods based on deep learning have problems of insufficiency and low accuracy of feature extraction， a malicious code detection method based on attention mechanism and Residual Network （ResNet） called ARMD was proposed. To support the training of this method， the hash values of 47 580 malicious and benign codes were obtained from Kaggle website， and the APIs called by each code were extracted by analysis tool VirusTotal. After that， the called APIs were integrated into 1 000 non-repeated APIs as the detection features， and the training sample data was constructed through these features. Then， the sample data was labeled by determining the benignity and maliciousness based on the VirusTotal analysis results， and the SMOTE （Synthetic Minority Over-sampling Technique） enhancement algorithm was used to equalize the data samples. Finally， the ResNet injecting with the attention mechanism was built and trained to complete the malicious code detection. Experimental results show that the accuracy of malicious code detection of ARMD is 97.76%， and compared with the existing detection methods based on Convolutional Neural Network （CNN） and ResNet models， ARMD has the average precision improved by at least 2%， verifying the effectiveness of ARMD.