Detected where: http://killmalware.com/nwjewelrycreations.com/
100/100% malicious: http://zulu.zscaler.com/submission/show/d4b201dacfdff26bc408f3e6be861305-1431126563
flagged: https://www.virustotal.com/nl/url/400a96aa2ed34af631cc9c6e3c56384fdf0eb348932c09fdbd991c44e824383d/analysis/
index.html
Severity: Malicious
Reason: Detected malicious drive-by-download attack
Details: Malicious obfuscated JavaScript threat
Offset: 17079
Threat dump:
[DropFileName = "svchost.exe"^^WriteData = ]
Threat dump MD5: 4667FB094040103F5F964564346C0007
File size[byte]: 130169
File type: HTML
Page/File MD5: E3F1A5628CF8F7D4C72EB5F4704914D9
Scan duration[sec]: 0.025000
Blacklisted here and elsewhere: https://yandex.com/infected?l10n=en&url=nwjewelrycreations.com&redircnt=1431126954.1
On AntiCopas.js read: http://www.leakedin.com/2013/08/17/potential-leak-of-data-hacking-notification-2490/
source: htxp://pastebin.com/raw.php?i=dnhsMfjL
polonus