Goga is a trojan that is executed from a malicious Rich Text Formatted
(.rtf) document. Due a security vulnerability, macros are able to
execute from a template pointed by a RTF file without notification to
the user in Microsoft Word.
The macro in the template drops and executes an utility that collects
dial-up settings from Windows. This includes the user name and the
password. This information is then sent to another web site.