Loader
BATLOADER
According to PCrisk, BATLOADER is part of the infection chain where it is used to perform the initial compromise.
BATLOADER is a Windows loader.
Background
PCrisk notes that BATLOADER sits within the infection chain and handles the initial compromise. It serves to launch payloads such as Ursnif. PCrisk's analysts encountered BATLOADER after running installers for legitimate applications, including Zoom, TeamViewer, and Visual Studio, that had been bundled with the malware and hosted on compromised websites.
Source: Malpedia (Fraunhofer FKIE).