Yeah, I'm having trouble spotting the "nasty". I'm not saying it's not there, but if someone more knowledgeable about malicious Javascript/Node could explain a bit that would be much appreciated.
Pretty convenient that the source was taken down before the blog was posted and it doesn't seem like we can get a hold of it.
Edit: MalwareBazaar doesn't seem to have a sample either.
You can download it from virustotal with the id in the blog (e2da104303a4e7f3bbdab6f1839f80593cdc8b6c9296648138bd2ee3cf7912d5) if you work for a vendor
The VirusTotal behavior analysis linked to says 'No security vendors flagged this file as malicious'