	US 12,069,076 B2
	System and method for detecting and classifying malware
Abhijit Mohanta, Mayurbhanj (IN); and Anoop Wilbur Saldanha, Mangalore (IN)
Assigned to Juniper Networks, Inc., Sunnyvale, CA (US)
Filed by Cyphort Inc., Santa Clara, CA (US)
Filed on Jan. 28, 2022, as Appl. No. 17/587,097.
Application 17/587,097 is a continuation of application No. 15/929,458, filed on May 4, 2020, granted, now 11,252,167.
Application 15/929,458 is a continuation of application No. 15/872,187, filed on Jan. 16, 2018, granted, now 10,645,107, issued on May 5, 2020.
Claims priority of application No. 201711002525 (IN), filed on Jan. 23, 2017.
Prior Publication US 2022/0159023 A1, May 19, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 9/455 (2018.01); G06F 21/56 (2013.01); G06N 20/00 (2019.01)

CPC H04L 63/1425 (2013.01) [G06F 9/45504 (2013.01); G06F 21/566 (2013.01); G06N 20/00 (2019.01); H04L 63/0209 (2013.01); H04L 63/1441 (2013.01)]

20 Claims

8. A device, comprising:

a memory; and

one or more processors are to:

detect one or more states of execution of suspicious data,

the one or more states of execution indicating that at least a portion of the suspicious data is unpacked in a location of the memory of the device, and

at least another portion of the suspicious data remains packed; and

extract, from the location in the memory, the portion of the suspicious data that is unpacked based on a priority level.