Part of this campaign: https://www.virustotal.com/nl/url/41ebfb64aee0a839294065c454dcbf64c8bfbf3102e056105fa5855ac26988fc/analysis/1425136339/
57 suspicious files: http://quttera.com/detailed_report/nusantarabet.blogspot.com
Potentially Suspicious
Reason: Suspicious JavaScript code injection.
Details: Procedure: unescape has been called with a string containing hidden JavaScript code .
View code: http://jsunpack.jeek.org/?report=71ed9e5ed1a3d185b1a4fd47a023c86750675b3a
Hacked with an Injector - redirecting.
Malware alerted: http://urlquery.net/report.php?id=1425134808792
http://support.clean-mx.de/clean-mx/viruses.php?virusname=JS.Crypt-1&sort=id%20desc

polonus

Avast does not detect here? → https://www.virustotal.com/nl/file/fa253ea18c94db2ed695575a3334e21debaf1116c807e4081c88fb5daf9535f8/analysis/

pol

Hi polonus, i think this is FP because encoded javascript on this page contains only click statistics meter.

Thanks Tondah for the final verdict, we’ll pass on then.

D