JS_Dloader.NUF is malicious JavaScript that is downloaded by a malicious HTML script that Trend Micro detects as HTML_IFRAME.CV from the Web site, http://{BLOCKED}crogger.ws/flash/index.php.

Once executed on the affected system, this JavaScript connects to a Web site to download the file named FILE.PHP. Trend Micro detects the said file as TROJ_AGENT.QMN. As a result, routines of the downloaded Trojan are also exhibited on the affected system.

Technical details can be found at this Trend Micro page.