.. /fltMC.exe
Star

Filter Manager Control Program used by Windows


Paths:

Resources:
Acknowledgements:

Detection:

Tamper

Unloads a driver used by security agents 
fltMC.exe unload SysmonDrv
Usecase: Defense evasion
Privileges required: Admin
OS: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
MITRE ATT&CK®: T1562.001