I got a "E-fax" with a attachment of
document000262537.doc.js (Red flag)
I stringed the file and it looks like it's "camouflaged" with chunks of code wrapped into variables which are then used to group together into the (probably) malicious code and run.
Eg.
Code:
var g4=' { }'
var v0='= w'
var u4='{ fo'
var k7='WScr'
var r2='rket'
var d7=' {'
var d6='Creat'
var r5='nd('
var h2='tr+'
...
a9=p5
i5+=a9
a9=e0
i5+=a9
a9=y6
i5+=a9
a9=f3
i5+=a9
a9=t2
i5+=a9
a9=q9
i5+=a9
Pastebins:
Original
; changed to newlines (\r)
I didn't run it, but I'm curious what the constructed code does. Whether linux or windows based..
I searched some parts of the code but nothing came up.
Would it be worth reporting and who would I report it to?