JavaScript is a dynamic scripting language originally designed to improve the interactive capabilities of web pages. However, attackers use this peculiarity to execute malicious code on web pages, posing a huge threat. The traditional method based on static feature detection is difficult to detect the malicious code after confusion, and the method based on dynamic analysis has low efficiency. This paper proposes a static detection model based on semantic analysis. By extracting the lexical unit sequence features of abstract syntax tree, the word vector is modeled by word2vec, and the generated features are input into the LSTM network to detect malicious JavaScript. Experiments show that the model can effectively detect confused malicious JavaScript code and improve the detection speed, with a precision of 99.94% and recall of 98.33%.