Security researchers found a new BazarCall email phishing campaign that manages to bypass automated threat detection systems to deliver the Bazar loader malware used by the TrickBot gang. Bazar call centers direct users to download a malicious Excel document with macros that install BazarLoader malware. The Bazarloader malware is believed to have the same developers as the Trickbot trojan. The TrickBot is infamous for distributing Ryuk and Conti ransomware to valuable targets (corporate victims) and Bazarloading is another tool to avoid using the highly-detected trojan.
Source: https://www.bleepingcomputer.com/news/security/new-bazaflix-attack-pushes-bazarloader-malware-via-fake-movie-site/