http://185.227.139.18/dsaicosaicasdi.php/HsSpKI8PLZu2g - rule_id: 2584

185.227.139.18 - mailcious

ET MALWARE LokiBot User-Agent (Charon/Inferno)
ET MALWARE LokiBot Checkin
ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1
ET MALWARE LokiBot Request for C2 Commands Detected M1
ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2
ET MALWARE LokiBot Request for C2 Commands Detected M2

http://185.227.139.18/dsaicosaicasdi.php