The initial script (often a batch file or loader) prepares the host environment.
If the file is part of a C2 (Command & Control) framework, it will attempt to establish an outbound connection via encrypted protocols. 4. Behavioral Indicators (IoCs) vc17t.rar
Unexpected entries in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run . The initial script (often a batch file or