THREATNOIR
Subscribe
Back to Feed
MalwareJun 12, 2026

Not only the mentioned GitHub repo is still not removed, but now it contains another DocusignSetu...

Malicious DocusignSetup.exe samples signed with a Microsoft cert are found in a GitHub repo.

Read at source

Summary

A GitHub repository previously flagged for hosting malicious DocusignSetup.exe samples has not been removed. The repo now contains an additional sample, also signed with a Microsoft-provided certificate, this time under the name 'Kimberly Love'. This indicates a continued effort to disguise malicious software as legitimate applications.

Indicators of Compromise

  • url — https://t.co/2ZaHonqedY
  • url — https://t.co/rcEsND2ayd

Entities

DocusignSetup.exe (product)Microsoft (vendor)