This is the script:
Anyone interested in revers engineering the virus or finding out who owns the website?
I would like to know but don't know how.
On line 20 you see eval. All this procedure of decoding and fucking with it is unnessecary, just replace eval with alert (or console.log) to get original code.
http://pastebin.com/9gCP8AQV -> http://pastebin.com/WzJnsAR4
Oh, also this will download and exechXXp://helahhoast.net/93.exe.MALWARE
with backup host of belahhoastbil.com.MALWARE
This is classic, I should look up the exe, it's probably ransomware desu
Getting real sick of this bullshit we can't talk about more advanced technology because most of /g/ are consumer whores. If you want to improve /g/, talk about stuff that will attract people who want to talk about better technology.
OP here, nice to see some serious answers
Didn't know that, thanks
Nice to see some printscreens, did it actually do anything besides showing random gibberish?
Of course it was the Russians, thanks for finding out
some site runs it on a VM, google the link from helahhoast and you'll find it, it's on malwr dot cum (can't post link because spam)
pic related, it's ransomware
>>52633122Domain Name: BELAHHOAST.NET
Registrar: WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC
Sponsoring Registrar IANA ID: 460
Whois Server: whois.webnic.cc
Referral URL: http://www.webnic.cc
Name Server: NS1.LOOSEMONGO.PW
Name Server: NS1.MARSIISAWA.PW
Status: ok https://www.icann.org/epp#OK
Updated Date: 24-jan-2016
Creation Date: 24-jan-2016
Expiration Date: 24-jan-2017
^ shit man shit's fresh