Cybesecurity researchers reveal a new malspam campaign that distributes a remote access Trojan. The latest campaign is a variant of the Windows-based QRAT downloader Trustwave researchers discovered in August. The JAR file is a Java archive (JAR) file called “TRUMP_SEX_SCANDAL_VIDEO,” which, when downloaded, installs Qua or Quaverse RAT (QRAT) When downloaded, the malicious code is split-up into different randomly-numbered buffers to evade detection.
Source: https://thehackernews.com/2021/01/hackers-using-fake-trumps-scandal-video.html