Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
wmphoto+ displays the images in the dockable application window. You can switch the images manually or display them as a slide show. Each image accepts up to two related commands. You can run them using mouse buttons when the application displays the image. Using the alternative configuration directories, you can run a few instances of the program that display the different sets of images.