A security incident has been reported at a multinational corporation where several employees have experienced their computers performing tasks autonomously, including file deletion and screen manipulation. The IT security team investigated and found that during a video conference with an external vendor, participants were asked to download what appeared to be a codec update to improve video quality. After installation, affected systems began displaying offensive messages and playing audio clips at random intervals. The security logs revealed that the malicious software disguises itself as a system process and creates a hidden network connection that receives commands from a remote server. What type of Trojan was most likely used in this attack?