See: https://www.virustotal.com/nl/url/67d4a2747d5934bd2f13f64f57a170f76775043d7d18e7d1e708f3fe60549ab4/analysis/1446547748/
File detection: https://www.virustotal.com/nl/file/ca539ee09295e2ba49988a3edc88f55f1a977c61cdc77270b46ad7277938829d/analysis/1446505144/
Website Malware MW:BLK:2 http://998gu.com
Javascript included from a blacklisted domain. Details: http://sucuri.net/malware/entry/MW:BLK:2
Javascript: -js.users.51.la → -http://js.users.51.la/14908552.js → https://www.virustotal.com/nl/url/7f8c4821e8820428b09c3c8118b36d15430b6cf2e9380194bdcb3fedaf23f88a/analysis/

Two warnings here: https://asafaweb.com/Scan?Url=998gu.com
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2F998gu.com%2Fvod%2F7523%2Findex.htm
landing on website, scanned here: https://www.virustotal.com/nl/domain/c1.keyrun.cn/information/
Listed here: https://raw.githubusercontent.com/523860169/list/master/ad2.tx

83 malicious files detected: Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -dl.kuaibo.com

List of referenced blacklisted domains/hosts: 3
-dl.kuaibo.com
-998gu.com
-img.users.51.la

polonus