>Am I infected
>>1793524
>What does it do/why is it obfuscated
>>1793605
>What do we know so far
Variant of the Nemucod ransomware, Ukrainian URL of the new advertising that broke CSS on boards with it has a history of hosting it.
https://www.reverse.it/sample/b9a80ddbaf41d303b0ed9abb0f6aabf5f851dd39909aaead3cb3257474fd7dc4?environmentId=100
SAME. EXACT. HOST. SAME. EXACT. OBFUSCATION (minus the xoring)
>Who did this
Supposedly two devs were mentioned >>1793484 , but very likely glow in the dark niggers have everything to do with it.
>What blocks it
Update your 4chanX they've already fixed it, block the URLs smcheck.org amgload.net piguiqproxy.com admixer.net and all subdomains. Block all third party scripts not required for captcha while you are at it in light of Twitter virtue signaling the entire internet, too.
Ignore disinfo on the topic someone is trying to make money here do you need any other motive as to why they're trying to tell us its harmless?

Script has been taken apart more here >>1794246

Use this if you keep getting blank white pages after blocking it https://pastebin.com/LGcy3mEp

Flick of a switch and this script does what it has done on this URL before DO. NOT. TRUST. GOOKMOOT.