May 1, 2023, 7:31 p.m. | /u/Fine_Conversation_91

cybersecurity www.reddit.com

Hi guys,

Wondering if anyone has seen something like this:

File Name cmd.exe

File Path file:///C%3A/WINDOWS/system32/cmd.exe

Command Line Arguments C:\WINDOWS\system32\cmd.exe /Q /c echo cd ^> \\127.0.0.1\C$\__outputa 2^>^&1 > C:\WINDOWS\SXjBVUay.bat & C:\WINDOWS\system32\cmd.exe /Q /c C:\WINDOWS\SXjBVUay.bat & del C:\WINDOWS\SXjBVUay.bat

We see a lot of computers being flagged with this by Cisco endpoint protection but I cannot locate that file on the computers (probably cause it deletes itself).

Any help is appreciated.
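An added example, not part of the original post: a Python check that flags process command lines with the same structure as the one quoted above (output redirected to an admin share on 127.0.0.1, a batch file written, run quietly and deleted in one line). The function name, the regexes and the two CONSTRUCTED sample lines are assumptions made for illustration.

```python
import re

# Regexes below are assumptions written for this example, not a vendor rule.
UNESCAPED_AMP = re.compile(r"(?<!\^)&")                     # cmd.exe command separator
WRITES_BAT = re.compile(r"(?<!\^)>\s*(\S+\.bat)\b", re.I)   # outer redirect into a .bat
RUNS_BAT = re.compile(r"cmd(?:\.exe)?\s+/Q\s+/c\s+(\S+\.bat)\s*$", re.I)
DELETES_BAT = re.compile(r"^\s*del\s+(\S+\.bat)\s*$", re.I)
# Escaped redirect (^>) whose target is an admin share on the local host.
LOOPBACK_OUT = re.compile(r"\^>\s*(\\\\(?:127\.0\.0\.1|localhost)\\[a-z]+\$\\\S+)", re.I)

# Command line exactly as quoted in the post.
POSTED = (r"C:\WINDOWS\system32\cmd.exe /Q /c echo cd ^> \\127.0.0.1\C$\__outputa 2^>^&1 "
          r"> C:\WINDOWS\SXjBVUay.bat & C:\WINDOWS\system32\cmd.exe /Q /c "
          r"C:\WINDOWS\SXjBVUay.bat & del C:\WINDOWS\SXjBVUay.bat")
# Constructed lines that share only some traits and should not be flagged.
CONSTRUCTED = [
    r"C:\WINDOWS\system32\cmd.exe /c dir C:\Users > C:\Temp\listing.txt",
    r"cmd.exe /Q /c echo hello > C:\Temp\job.bat & cmd.exe /Q /c C:\Temp\job.bat",
]


def analyze(cmdline: str) -> dict:
    """Describe how closely a command line matches the posted structure."""
    found = {"written": set(), "run": set(), "deleted": set()}
    loopback_output = None
    for segment in UNESCAPED_AMP.split(cmdline):
        for key, rx in (("written", WRITES_BAT), ("run", RUNS_BAT),
                        ("deleted", DELETES_BAT)):
            m = rx.search(segment)
            if m:
                found[key].add(m.group(1).lower())
        m = LOOPBACK_OUT.search(segment)
        if m:
            loopback_output = m.group(1)
    # The same batch file must be created, executed and removed in one line.
    lifecycle = found["written"] & found["run"] & found["deleted"]
    return {
        "batch_file": sorted(lifecycle),
        "loopback_output": loopback_output,
        "match": bool(lifecycle) and loopback_output is not None,
    }


if __name__ == "__main__":
    for line in [POSTED, *CONSTRUCTED]:
        print(analyze(line))
```

Because the last segment of the posted line deletes the batch file, a check like this belongs on process-creation telemetry rather than on a file search of the affected machines.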
