Skip to main content
Associate
July 14, 2026
Solved

Trojan Flag when oppening a workspace

  • July 14, 2026
  • 3 replies
  • 205 views

When I open a VS Code workspace containing a project generated by STM32CubeMX, Windows Defender consistently detects Trojan:Win64/jscramSteal.DA!MTB.

Environment:

  • VS Code: 1.127.0

  • ST extension: 3.9.0

  • STM32CubeMX: 6.18.0

  • Windows: 25H2 (defender updated today)

Steps to reproduce:

  1. Generate a project using STM32CubeMX.

  2. Open the generated project as a workspace in VS Code with the ST extension installed.

  3. Windows Defender immediately reports Trojan:Win64/jscramSteal.DA!MTB.

Could you confirm whether this is a known false positive? If so, is there a recommended workaround, or is there an update available that resolves the issue?

Best answer by luiscoelho23

Update on this issue: after the Microsoft Defender update released today 15/07 , the alert no longer appears.

3 replies

Visitor
July 14, 2026

Can reproduce this reliably, have not yet found a workaround. Does not seem to prevent the code from being compiled.

Associate III
July 14, 2026

I’m getting the same issue

luiscoelho23AuthorBest answer
Associate
July 15, 2026

Update on this issue: after the Microsoft Defender update released today 15/07 , the alert no longer appears.