Gogga

Classification

Malware

-

-

Gogga, Trojan.PSW.Goga, Goga

Summary

Goga is a trojan that is executed from a malicious Rich Text Formatted (.rtf) document. Due a security vulnerability, macros are able to execute from a template pointed by a RTF file without notification to the user in Microsoft Word.

Removal

Automatic action

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

The macro in the template drops and executes an utility that collects dial-up settings from Windows. This includes the user name and the password. This information is then sent to another web site.

The template is no longer available on the web.

Further information and a fix for the vulnerability is available from Microsoft: https://www.microsoft.com/technet/security/bulletin/MS01-028.asp

Date Created: -

Date Last Modified: -