TrickBot is a malware infection commonly installed via malicious phishing emails or other malware. When installed, TrickBot will quietly run on a victim’s computer while it downloads other modules to perform different tasks. TrickBot’s use of an obfuscated batch script launcher to jumpstart malicious executables makes this evasion technique self-contained and minimalistic. An attacker has gone through multiple steps to obfuscate a simple one-line command would make it virtually impossible for an “off-the-shelf”” EDR or signature-based antivirus product to detect such samples.”
Source: https://www.bleepingcomputer.com/news/security/trickbot-malware-uses-obfuscated-windows-batch-script-to-evade-detection/