In order to ensure the timeliness of malware variants detection model, traditional detection methods based on machine (deep) learning integrate historical data and incremental data, and retrain to update the detection models, which has the problem of low training efficiency. Therefore, this paper proposes an incremental learning method based on neural network smooth aggregation mechanism for malware variants detection, which makes the detection models evolve smoothly. This paper adds training scale factor to avoids the decent of accuracy of incremental model in aggregation due to small training scale. The experimental results show that our incremental learning method can improve the training efficiency while retaining the accuracy of the detection model compared with re-training method.