You can see paste of main page here. Malicious code begins at line 166.
Cleaned up JS code is here.
This also highlights some changes in the g01pack exploit chain, will post more about it after researching more.
http://lewhenfold.is-a-designer.com/finance/2qsyk.php?lint=39705&template=%2F&site=33676207&login=50& (Encoded EXE > 0x7e) > application/octet-stream