
About the tool

ETW-Almulahaza is a Python-based ETW consumer tool that I've created and will keep updating; it helps you monitor ETW traces to see what happens when you execute some malware or tool. This tool is based on pywintrace from FireEye.

As the Microsoft documentation puts it: "Event Tracing for Windows (ETW) provides a mechanism to trace and log events that are raised by user-mode applications and kernel-mode drivers. ETW is implemented in the Windows operating system and provides developers a fast, reliable, and versatile set of event tracing features."
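To make the consumer side concrete, here is an added example of a small pywintrace-based ETW consumer that watches a process and its children while you detonate a sample. It is not code from ETW-Almulahaza or from pywintrace; it assumes pywintrace's usage pattern (`etw.ProviderInfo`, `etw.GUID`, `etw.ETW(providers=..., event_callback=...)`, `start()`/`stop()`), assumes the callback receives a `(event_id, fields)` tuple, and assumes the event IDs and field names (`ProcessID`, `ParentProcessID`, `ImageName`) of the Microsoft-Windows-Kernel-Process provider. The sample events at the bottom are constructed so the filtering logic can be exercised offline; the live trace itself needs Windows, pywintrace and an elevated prompt.

```python
"""Minimal ETW consumer in the spirit of ETW-Almulahaza (added example, not the project's code)."""
import time
from typing import Dict, List, Optional, Tuple

try:
    import etw  # pywintrace; Windows only (pip install pywintrace)
except ImportError:  # off Windows the offline filtering below still works
    etw = None

# Provider GUID of Microsoft-Windows-Kernel-Process as published in its manifest.
KERNEL_PROCESS_GUID = "{22FB2CD6-0E7B-422B-A0C7-2FAD1FD0E716}"
# Event IDs of that provider (assumed): 1 = ProcessStart, 2 = ProcessStop, 5 = ImageLoad.
EVENT_NAMES = {1: "ProcessStart", 2: "ProcessStop", 5: "ImageLoad"}

# Shape pywintrace is assumed to hand to event_callback: (event id, flattened field dict).
Event = Tuple[int, Dict[str, object]]


class ProcessMonitor:
    """Keeps only events raised by a root process and every descendant it spawns."""

    def __init__(self, root_pid: int) -> None:
        self.watched = {root_pid}
        self.log: List[str] = []

    def handle(self, event: Event) -> Optional[str]:
        """Callback for pywintrace; returns the logged line, or None if the event was dropped."""
        event_id, fields = event
        name = EVENT_NAMES.get(event_id)
        if name is None:                       # event we do not decode
            return None
        pid = int(fields.get("ProcessID", -1))
        image = fields.get("ImageName", "?")
        if name == "ProcessStart":
            parent = int(fields.get("ParentProcessID", -1))
            if parent not in self.watched:     # unrelated process: ignore
                return None
            self.watched.add(pid)              # follow the child from now on
            line = f"ProcessStart pid={pid} parent={parent} image={image}"
        elif pid not in self.watched:
            return None
        elif name == "ProcessStop":
            self.watched.discard(pid)
            line = f"ProcessStop pid={pid} exit={fields.get('ExitCode')} image={image}"
        else:
            line = f"ImageLoad pid={pid} image={image}"
        self.log.append(line)
        return line


def replay(events: List[Event], root_pid: int) -> List[str]:
    """Run a list of already-captured (or constructed) events through the monitor."""
    monitor = ProcessMonitor(root_pid)
    for event in events:
        monitor.handle(event)
    return monitor.log


def run_trace(root_pid: int, seconds: float = 10.0) -> List[str]:
    """Live capture: start a real-time session on the Kernel-Process provider (needs admin)."""
    if etw is None:
        raise RuntimeError("pywintrace is only available on Windows")
    monitor = ProcessMonitor(root_pid)
    providers = [etw.ProviderInfo("Microsoft-Windows-Kernel-Process",
                                  etw.GUID(KERNEL_PROCESS_GUID))]
    job = etw.ETW(providers=providers, event_callback=monitor.handle)
    job.start()
    try:
        time.sleep(seconds)                    # detonate the sample in this window
    finally:
        job.stop()
    return monitor.log


# Constructed sample events (not a real capture) for an offline dry run.
SAMPLE_EVENTS: List[Event] = [
    (1, {"ProcessID": 4242, "ParentProcessID": 1000, "ImageName": r"\Windows\System32\cmd.exe"}),
    (1, {"ProcessID": 5151, "ParentProcessID": 9999, "ImageName": r"\Windows\System32\notepad.exe"}),
    (5, {"ProcessID": 4242, "ImageName": r"\Windows\System32\ntdll.dll"}),
    (1, {"ProcessID": 6060, "ParentProcessID": 4242, "ImageName": r"\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"}),
    (2, {"ProcessID": 4242, "ExitCode": 0, "ImageName": r"\Windows\System32\cmd.exe"}),
    (7, {"ProcessID": 6060}),                  # event ID we do not decode
]

if __name__ == "__main__":
    for line in replay(SAMPLE_EVENTS, root_pid=1000):
        print(line)
```

The filter keeps the trace readable: Kernel-Process emits events for every process on the box, so the monitor only records events whose PID is the root or one of its descendants, adds children as they are created and forgets them when they exit. Swapping the provider list for others (Kernel-File, Kernel-Network, DNS-Client) follows the same pattern, and the same `ProcessMonitor.handle` can be reused as the callback.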