Because otherwise bad actors could encode, encrypt, or otherwise obfuscate malware inside of a JavaScript file. This type of shielding can be dynamic and near impossible to detect with simple parsing.
Executing the JavaScript will run it in a similar way to the client, and perhaps provide the original malware which you can detect against.
Malware struggles to stay stealth due to it needing to access specific features or run specific commands to elevate or take control. That isn't true for obfustication techniques which can look and act like "legitimate" JavaScript.
Executing the JavaScript will run it in a similar way to the client, and perhaps provide the original malware which you can detect against.
Malware struggles to stay stealth due to it needing to access specific features or run specific commands to elevate or take control. That isn't true for obfustication techniques which can look and act like "legitimate" JavaScript.