Since we updated sensors to S7, we often see alarms

triggerd by the signature 3111 "W32 Sircam Malicious

Code". All of the alarms have the same context as

follows:

kAZAAgAGYAbABvAGEAdABpAG4AZwAgAHAAbwBpAG4AdAAgAG8AcABlAHIAYQB0AGkA

bwBuAB8ARgBsAG8AYQB0AGkAbgBnACAAcABvAGkAbgB0ACAAZABpAHYAaQBzAGkAbwBuACAA

YgB5ACAAegBlAHIAbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJj1POMKC

N7jzJEIDF5s6gwEAAMwAAAAAGQAAAAGgU0NhbTMy

I would like to know why the 3111 signature's alarms

are triggered and have the above strings in its

context.

Thanks.