The TrickBot Trojan has switched to a new Windows 10 UAC bypass to execute itself with elevated privileges without showing a User Account Control prompt. Windows uses a security mechanism that will display a prompt every time a program is run with administrative privileges. This allows the trojan to run silently in the background while it harvests saved login credentials, SSH keys, browser history, cookies, and more. TrickBot is particularly dangerous as it can propagate throughout the network and if it gains admin access to a domain controller, it can steal the Active Directory database.
Source: https://www.bleepingcomputer.com/news/security/trickbot-uses-a-new-windows-10-uac-bypass-to-launch-quietly/