The md5sum of one or more running processes on the remote Windows host matches the signature distributed by Mandiant of software known to be involved in corporate cyber espionage by a unit called APT1.
Verify that the remote processes are legitimate and authorized in your environment.
Binary data wmi_apt1_running.nbin