Recently, we came across JS_VIRTOOL which uses certain Javascript techniques so that encrypted code may not be decrypted and analyzed by a malware analyst.
Here is how this is done:
It retrieves the URL where the malicious script is located.
It retrieves its own function and adds the string of the URL.
It computes the CRC of the function [...]
Post from: TrendLabs | Malware Blog – by Trend Micro
