You list two variables in this problem: First you want to manipulate the jar, second you want to manipulate an already running program.
Modify a runnable jar By adding your own main class to the classpath and manipulate the main-class attribute in the manifest file, you are able to decide on when an how the vulnerable program is started. Easy! As an alternative, you could create an agent class and register it as premain-class in the manifest.
Modify a running program I am certain that you need to manipulate the classloader to inject your malicious code to the running program.