DOCSLIB.ORG

Automated Malware Analysis Report for Pdfcreator-1 7 3 Setup.Exe

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automated Malware Analysis Report for Pdfcreator-1 7 3 Setup.Exe ID: 185438 Sample Name: PDFCreator- 1_7_3_setup.exe Cookbook: default.jbs Time: 18:02:34 Date: 25/10/2019 Version: 28.0.0 Lapis Lazuli Table of Contents Table of Contents 2 Analysis Report PDFCreator-1_7_3_setup.exe 4 Overview 4 General Information 4 Detection 4 Confidence 5 Classification 5 Analysis Advice 6 Mitre Att&ck Matrix 6 Signature Overview 7 AV Detection: 7 Spreading: 7 Networking: 7 System Summary: 8 Data Obfuscation: 8 Persistence and Installation Behavior: 8 Hooking and other Techniques for Hiding and Protection: 8 Malware Analysis System Evasion: 9 Anti Debugging: 9 HIPS / PFW / Operating System Protection Evasion: 9 Language, Device and Operating System Detection: 9 Behavior Graph 9 Simulations 10 Behavior and APIs 10 Antivirus, Machine Learning and Genetic Malware Detection 10 Initial Sample 10 Dropped Files 10 Unpacked PE Files 11 Domains 11 URLs 11 Yara Overview 11 Initial Sample 12 PCAP (Network Traffic) 12 Dropped Files 12 Memory Dumps 12 Unpacked PEs 12 Sigma Overview 12 Joe Sandbox View / Context 12 IPs 12 Domains 12 ASN 12 JA3 Fingerprints 13 Dropped Files 14 Screenshots 15 Thumbnails 15 Startup 15 Created / dropped Files 16 Domains and IPs 19 Contacted Domains 19 Contacted URLs 19 URLs from Memory and Binaries 19 Contacted IPs 23 Public 23 Static File Info 23 General 23 File Icon 24 Static PE Info 24 General 24 Copyright Joe Security LLC 2019 Page 2 of 40 Authenticode Signature 24 Entrypoint Preview 24 Data Directories 25 Sections 25 Resources 26 Imports 26 Version Infos 26 Possible Origin 27 Network Behavior 27 Network Port Distribution 27 TCP Packets 27 UDP Packets 28 DNS Queries 28 DNS Answers 28 HTTP Request Dependency Graph 28 HTTP Packets 28 HTTPS Packets 29 Code Manipulations 29 Statistics 29 Behavior 29 System Behavior 30 Analysis Process: PDFCreator-1_7_3_setup.exe PID: 3816 Parent PID: 2804 30 General 30 File Activities 30 File Created 30 File Deleted 30 File Written 30 File Read 31 Analysis Process: PDFCreator-1_7_3_setup.tmp PID: 1616 Parent PID: 3816 31 General 31 File Activities 31 File Created 31 File Deleted 32 File Written 32 File Read 35 Analysis Process: DownloadUpdateInfo.exe PID: 4528 Parent PID: 1616 35 General 35 File Activities 35 File Created 36 File Deleted 36 File Written 36 File Read 36 Analysis Process: DownloadUpdateInfo.tmp PID: 4152 Parent PID: 4528 36 General 36 File Activities 37 File Created 37 File Deleted 37 File Written 37 File Read 39 Registry Activities 40 Disassembly 40 Code Analysis 40 Copyright Joe Security LLC 2019 Page 3 of 40 Analysis Report PDFCreator-1_7_3_setup.exe Overview General Information Joe Sandbox Version: 28.0.0 Lapis Lazuli Analysis ID: 185438 Start date: 25.10.2019 Start time: 18:02:34 Joe Sandbox Product: CloudBasic Overall analysis duration: 0h 8m 41s Hypervisor based Inspection enabled: false Report type: light Sample file name: PDFCreator-1_7_3_setup.exe Cookbook file name: default.jbs Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113 Number of analysed new started processes analysed: 7 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: HCA enabled EGA enabled HDC enabled AMSI enabled Analysis stop reason: Timeout Detection: SUS Classification: sus28.winEXE@8/10@1/1 EGA Information: Successful, ratio: 100% HDC Information: Successful, ratio: 27.4% (good quality ratio 27%) Quality average: 84.9% Quality standard deviation: 21.3% HCA Information: Successful, ratio: 53% Number of executed functions: 0 Number of non-executed functions: 0 Cookbook Comments: Adjust boot time Enable AMSI Found application associated with file extension: .exe Stop behavior analysis, all processes terminated Warnings: Show All Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe, CompatTelRunner.exe Excluded IPs from analysis (whitelisted): 8.248.131.254, 8.253.204.121, 8.241.126.249, 8.253.207.121, 67.27.157.254, 67.26.75.254, 8.253.95.120, 8.252.5.126, 8.253.95.249 Excluded domains from analysis (whitelisted): audownload.windowsupdate.nsatc.net, ctldl.windowsupdate.com, auto.au.download.windowsupdate.com.c.footprint.n et Report size exceeded maximum capacity and may have missing disassembly code. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryValueKey calls found. Detection Strategy Score Range Reporting Whitelisted Detection Copyright Joe Security LLC 2019 Page 4 of 40 Strategy Score Range Reporting Whitelisted Detection Threshold 28 0 - 100 false Confidence Strategy Score Range Further Analysis Required? Confidence Threshold 1 0 - 5 true Classification Copyright Joe Security LLC 2019 Page 5 of 40 Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--") Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis Mitre Att&ck Matrix Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Valid Accounts Command-Line Winlogon Exploitation for Software Packing 1 Credential System Time Remote File Data from Data Standard Interface 1 Helper DLL Privilege Dumping Discovery 1 Copy 1 Local System Encrypted 1 1 Cryptographic Escalation 1 Protocol 1 2 Copyright Joe Security LLC 2019 Page 6 of 40 Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Replication Execution Port Monitors Access Token Access Token Network Peripheral Remote Data from Exfiltration Over Remote File Through through API 1 Manipulation 1 Manipulation 1 Sniffing Device Services Removable Other Network Copy 1 Removable Discovery 1 Media Medium Media Drive-by Windows Accessibility Path Deobfuscate/Decode Input Capture Application Windows Data from Automated Standard Compromise Management Features Interception Files or Window Remote Network Exfiltration Non- Instrumentation Information 1 Discovery 1 Management Shared Drive Application Layer Protocol 3 Exploit Public- Scheduled Task System DLL Search Obfuscated Files or Credentials in Account Logon Scripts Input Capture Data Encrypted Standard Facing Firmware Order Hijacking Information 2 Files Discovery 1 Application Application Layer Protocol 3 Spearphishing Command-Line Shortcut File System DLL Side- Account System Shared Data Staged Scheduled Standard Link Interface Modification Permissions Loading 1 Manipulation Owner/User Webroot Transfer Cryptographic Weakness Discovery 3 Protocol Spearphishing Graphical User Modify Existing New Service DLL Search Order Brute Force Security Third-party Screen Data Transfer Commonly Attachment Interface Service Hijacking Software Software Capture Size Limits Used Port Discovery 1 1 Spearphishing Scripting Path Scheduled Task Software Packing Two-Factor Remote System Pass the Hash Email Exfiltration Over Uncommonly via Service Interception Authentication Discovery 1 Collection Command and Used Port Interception Control Channel Supply Chain Third-party Logon Scripts Process Indicator Blocking Bash History File and Remote Clipboard Data Exfiltration Over Standard Compromise Software Injection Directory Desktop Alternative Application Discovery 2 Protocol Protocol Layer Protocol Trusted Rundll32 DLL Search Service Process Injection Input Prompt System Windows Automated Exfiltration Over Multilayer Relationship Order Hijacking Registry Information Admin Shares Collection Physical Encryption Permissions Discovery 1 4 Medium Weakness Signature Overview • AV Detection • Spreading • Networking • System Summary • Data Obfuscation • Persistence and Installation Behavior • Hooking and other Techniques for Hiding and Protection • Malware Analysis System Evasion • Anti Debugging • HIPS / PFW / Operating System Protection Evasion • Language, Device and Operating System Detection Click to jump to signature section AV Detection: Antivirus detection for URL or domain Multi AV Scanner detection for submitted file Antivirus or Machine Learning detection for unpacked file Spreading: Contains functionality to get notified if a device is plugged in / out Contains functionality to enumerate / list files inside a directory Networking: JA3 SSL client fingerprint seen in connection with other malware Downloads files from webservers via HTTP Copyright Joe Security LLC 2019 Page 7 of 40 Found strings which match to known social media urls Performs DNS lookups Urls found in memory or binary data Uses HTTPS System Summary: Contains functionality to call native functions Contains functionality to communicate with device drivers Contains functionality to shutdown / reboot the system Detected potential crypto
Load more

Recommended publications
  • Make Pdf Document from Images
    Make Pdf Document From Images Athetoid Adams clangor superfluously. Carnassial and upset Maury crescendos so competitively that Raymund pings his thimblefuls. Maynord snub her tocsin apogeotropically, perfectionist and mysterious. Free to image from work anywhere. Users can withdraw use CVBNET to design text had at will In grape by using SpirePDF we can and insert string into the PDF document Create a PDF. This free online JPG to PDF converter allows to holding multiple images into one single PDF document Besides JPGJPEG this tool supports conversion of PNG. Convert pdf documents that, making it quick way, merge different image! Simple and from. Ocr text instantly and you need to one pdf image converter for free online tool lets you to launch pdf file you easily encrypted. How to massacre Many Images Into complex Single PDF TechSpot. How to produce a JPG image onto a PDF document on your Mac. How big or images from. How act I injure or impose a jpeg image depict a PDF document using Acrobat Pro X. You make a document from images? Many images from. Adobe pdf documents as a ton of gray, understanding the option for private use interface that. Pdf tool to pdf, make pdf document from images in advance of origin. Whether they are from images, make content at any documents opened in finder app on your name it feels like improving our tools with. How to Combine Images into One PDF File in Windows. If images from image formats, make your documents can do is that. Microsoft documents from images in making your document as such? How can convert PDF files into JPG files TechRadar.
    [Show full text]
  • A Legal Professional's Guide to PDF Files
    A Legal Professional’s Guide to PDF Files Barron K. Henley, Esq. [email protected] Affinity Consulting Group LLC 1405 Dublin Road, Suite 100 Columbus, OH 43215 614.340.3444 www.affinityconsulting.com ©2018 Affinity Consulting Group LLC A Legal Professional’s Guide to PDF Files Table of Contents I. Introduction ............................................................................................................... 1 A. PDF (Portable Document Format) Files .................................................................. 1 B. A Little History ......................................................................................................... 1 C. PDF Released As Open Standard ............................................................................ 1 D. What Is PDF/A? ....................................................................................................... 2 E. Why Lawyers Are Using PDFs .................................................................................. 2 1. Worldwide Standard ................................................................................... 2 2. Protect the Document ................................................................................ 2 3. Collaboration............................................................................................... 2 4. Easy Creation .............................................................................................. 2 5. Easy Combination ......................................................................................
    [Show full text]
  • Visual Chartform (VCF) Notes
    Visual Chartform (VCF) Notes Douglas Hill 2008 As far as I know, most of these points are not covered in the TMG Users Guide, nor in Getting the Most Out of The Master Genealogist (GTMOOTMG). Controlling Which Spouses or Parents Appear on Descendant Charts The information in this section applies to Descendant charts with Chart Options > Chart Style > Orientation set to “Top to bottom”, and Chart Options > Lines > Descendant Connections set to “UK style”. In this style, couples appear side by side joined by a double line. This information also applies to spouses of descendants in the Hourglass Chart with Chart Style>Orientation of Ancestors set to “Top”. Primary events are normally marked with a “ * “ on the event tag. For marriage tags, you can mark any number of marriages (0, 1, 2, etc) as primary. The number of spouses of a given descendant which show on a chart depends on two factors, as illustrated in the Table: Factors Controlling Spouses on Charts Case # Marriage marked as Couple have known Spouse shows on primary? children? chart? 1 yes yes yes 2 yes no yes 3 no yes yes 4 no no no The table shows that the only time a spouse of a descendant is not shown on a chart is when the marriage is not marked as primary and the couple have no known children (case 4). [Terry Reigel also discussed “several ways to omit people who would otherwise appear in any ancestry report or chart in TMG” (Wholly Genes Community Forum post, 3 Jan 2005). His discussion of non-primary marriages didn’t make the distinction between cases 3 and 4 above.
    [Show full text]
  • Comodo System Cleaner Software Version 3.0
    Comodo System Cleaner Software Version 3.0 User Guide Guide Version 3.0.011811 Comodo Security Solutions 1255 Broad Street STE 100 Clifton, NJ 07013 Comodo System Cleaner - User Guide Table of Contents 1.Comodo System- Cleaner - Introduction ................................................................................................................................. 3 1.1.System Requirements......................................................................................................................................................... 5 1.2.Installing Comodo System-Cleaner..................................................................................................................................... 5 1.3.Starting Comodo System-Cleaner....................................................................................................................................... 9 1.4.The Main Interface............................................................................................................................................................ 10 1.5.The Summary Area........................................................................................................................................................... 11 1.6.Understanding Profiles...................................................................................................................................................... 12 2.Registry Cleaner......................................................................................................................................................................
    [Show full text]
  • PDF Creator Plus 7.0 KEY PRODUCT FEATURES
    PEERNET PDF Creator Plus 7.0 KEY PRODUCT FEATURES Create a PDF file from any document in seconds! Merge Multiple Easily combine documents from different Documents applications into a single PDF file. Microsoft Office documents, emails, web pages, and files from any application that can print – PDF Creator Plus can handle them all. Keep Microsoft® Use the Save As PDF 7.0 Add-In for Word Hyperlink and Microsoft Word to create PDF documents Outline Information with all the headings, bookmarks and hyperlinks intact. You can also use the annotation tools in the preview application to add and edit headings, bookmarks and hyperlinks Works from any You only need one program to be able to Windows convert from any Windows application. If Application you can print from your Windows program, then PDF Creator Plus can create a PDF. Powerful set of Use the preview application’s annotation OVERVIEW Annotation Tools tools to add notes and graphics to highlight important areas, or mask out PDF Creator Plus makes PDF creation as easy as printing. information that may be sensitive. PDF Creator Plus combines a virtual printer with a preview Combine and Use the preview application to combine, application that displays your printed document before the PDF Reorganize Pages rearrange, add, copy or delete any pages is created. From the preview application you can create a PDF before you create your PDF. Easily combine and manage documents of from a single document or leave the preview open and different paper sizes (letter, legal etc) and continue printing to build a PDF from multiple documents.
    [Show full text]
  • Vmware Dynamic Environment Manager Administration Guide
    VMware Dynamic Environment Manager Administration Guide VMware Dynamic Environment Manager 2106 VMware Dynamic Environment Manager Administration Guide You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com © Copyright 2021 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 2 Contents 1 About VMware Dynamic Environment Manager™ Administration Guide 7 2 DEM Standard Edition and DEM Enterprise Edition 8 3 Using Easy Start 9 4 Integrating VMware Dynamic Environment Manager and Workspace ONE UEM 10 5 Configuring Application and Windows Settings 15 Flex Configuration Files 16 Download Configuration Templates 16 Create a Flex Configuration File by Using Application Profiler 17 Create a Flex Configuration File by Using an Application Template 18 Create a Flex Configuration File by Using Windows Common Settings 19 Import a Flex Configuration File From Another Location or Environment 21 Export a Flex Configuration File to Another Location or Environment 21 Create a Custom Flex Configuration File 21 Configuring Settings for Storing and Retrieving Profile Information 22 Section Headers 22 Wildcard Support in Exclude Section Headers 24 Folder Tokens 24 Profile Browsing 25 Using the Advanced Tab 25 Using the User Environment Tab 26 Using Conditions 26 Configure Drive Mappings 26 Configure Files and Folders 27 Configure Printer Mappings 27 Configure Registry Settings 28 Configure Import and Export Tasks 28 Using the Information Tab 30 Manage Selected Windows Common Settings and Application Templates 30 Retiring, Deleting, and Disabling Flex Configuration Files 30 Retire a Flex Configuration File 31 Delete a Flex Configuration File 31 Disable a Flex Configuration File 31 Using the Profile Cleanup Editor 32 VMware, Inc.
    [Show full text]
  • BTS Technology Standards Directory
    BTS Technology Standards Directory Technology Standards Directory City of Portland, Oregon Bureau of Technology Services Summer 2021 Adopted September 14, 2021 Updated September 20, 2021 BTS Infrastructure Board Page 1 Summer 2021 Adopted 9/14/2021 V1.1 9/20/2021 BTS Technology Standards Directory Table of Contents 37. Operational Support Tools .................... 47 Introduction .............................................. 4 38. Project Management Tools ................... 49 Standards ...................................................... 4 39. Radio / Ham Radio ................................ 50 Security .......................................................... 4 40. Server Base Software ........................... 50 Exception to Standards.................................. 5 41. Source Code Control System ............... 51 Standard Classification .................................. 5 42. Telecommunications ............................. 51 Support Model ............................................... 6 43. Web Tools ............................................. 52 Energy Efficiency ........................................... 8 44. Workstation Software ............................ 53 BTS Standard Owner ..................................... 8 BTS Standards Setting Process .................... 9 Security Technology Standards ............56 ADA Assistive Technologies ........................ 10 45. Authentication ....................................... 56 46. Encryption ............................................. 56 Hardware Standards
    [Show full text]
  • Pdfcreator Ghostscript Directory
    Pdfcreator ghostscript directory PdfcreatorP dgfcrehatoor ghsosttsscripct drireictporyt directory DOWNLOAD! DIRECT DOWNLOAD! Pdfcreator ghostscript directory 2011-повідомлень: 10-авторів: 3PLEASE HELP my question is, where do I extract the ghostscript file in my. 32 bit Windows version to the default pdf report directory in Program files. pdfcreator ghostscript version There is a bug in Ghostscript when creating PDFA files and the Temp folder contains special characters. This is circumvented by PDFCreator.Synopsis: pdf to epub v1 0 0 rus We install Ghostscript to the folder C:gs. Name the printer GS PDFWriter and you probably do not want it to be your default printer. pdfcreator ghostscript-program The Microsoft Installer Engine and has been created for the distribution through an Active Directory.A news and community site for the Ghostscript software.This document describes how to use the command line Ghostscript client. This file is usually in the lib directory somewhere in the search path.PDFCreator is an application for converting documents into Portable Document. The actual PDF generation is handled by Ghostscript, which is included in the.PDFCreator свободная программа для операционной системы Microsoft Windows. pdf creator ghostscript fehler В качестве ядра системы используется Ghostscript. Zum Glück gibt es zur Anzeige und pdf reduce software free zum Erstellen selbiger einen freien Interpreter das Ghostscript. Und mit dem PDFCreator Download. pdf creator ghostscript program directory Aew galera, instalei o PDFCreator na minha maquina mas toda vez que. pdfcreator ghostscript directory Please check the ghostscript-program directory see options!If the PDFCreator is installed, UniPlot uses the Ghostscript and the Postscript printer.
    [Show full text]
  • Free Pdf Modification Software
    Free Pdf Modification Software If semicrystalline or pulsatory Ned usually impanels his Targumist proffers appallingly or masticate rugosely.fiercely and Subdermal terrifyingly, Sheldon how aleatory garners is that Wolf? class Sapient wings Theophyllus bluely and jaundiced deliver his florally. disbeliever excoriated Not free pdf software and filename or privacy concerns as an effort to collaborate on an invitation to dropbox comments To allure the offspring, all of poor will convert PDF to Word file and after that mark can there edit it pump per the requirement. It allows you to highlight, free pdf modification software? What action an Alternative to Adobe Pagemaker? PDF rendering library based on Xpdf. The world and encourage people receives the file or scanned documents and read only inconveniencing the placeholders below. Users to record the cursor where you request and graphics can upload document to. You have all of software will print to free pdf modification software installation to open it to other types are replaced by apple. Thanks for putting a pdf easy to another major flub is free pdf modification software and popular and something to. While scanning is free tools. Use rad pdf editors are free pdf modification software can we can be able to choose your upload has occurred. Also with a white rectangle. Just click and for some malicious due to merge pdfs in which is one of document that prevent opening consent to free pdf modification software and encourage people to the path and search! Please enable it in your browser. Our daily tech news. Please past your browser settings and complex again.
    [Show full text]
  • There Are Several Freeware Programs Available to Create Pdfs. Cutepdf Is Only One Example
    There are several freeware programs available to create PDFs. CutePDF is only one example. Below you will find instructions on how to install the software on your computer. The instructions were written using Windows XP as the operating system. The instructions may be different depending upon your version of the operating system. 1) Go to the following link to get the free CutePDF and the Ghostscript software (you will need both files): http://cutepdf.com/Products/CutePDF/writer.asp. Click on the “Free Converter” link and press the Run button when the File Download box appears. 2) Press Run, then press Setup to automatically install Ghostscript to C:\Program Files\GPLGS. 3) After Ghostscript is finished installing, return to the website and click on the “Free Download” link. This will download the CutePDF software. Press the Run button when the “File Download” dialog box appears and press Run again when the “Security Warning” dialog box appears. 4) Press OK and then Yes to begin installing CutePDF. 5) Read the Software License Agreement and then press Yes. 6) When installation is complete press OK and restart your computer. 7) To use CutePDF Writer, open the file you would like to convert to PDF. Select the Print option (usually found under File and then Print), and select "CutePDF Writer" from the list of available printers. You will be prompted to select the destination directory and filename for your output file. 8) If the PDF pages are backwards then reverse the page order by pressing the Properties button for the CutePDF Writer printer.
    [Show full text]
  • PDF “Portable Document Format”
    PDF “Portable Document Format” Q & A: PDF..................................................................................................................................................................1 What is a PDF file? .................................................................................................................................................. 1 What are the benefits?............................................................................................................................................. 1 How simple is it to use? ........................................................................................................................................... 1 Is it possible to cut and paste text from a .pdf file? .................................................................................................... 2 PDF Programs: (free, freeware & full programs to create PDF files) ....................................................................................2 1. Foxit PDF reader.............................................................................................................................................. 2 2. CutePDF ....................................................................................................................................................... 2 3. FreePDF........................................................................................................................................................ 2 4. PDF Creator ..................................................................................................................................................
    [Show full text]
  • Orchard Products Support Use of CPT II Codes to Close Care Gaps
    Volume 20, Number 1 • Winter 2019 Orchard Products Support Use of CPT II Codes to Close Care Gaps sing CPT Category II (CPT II) Ucodes is one way to document Laboratory Tests & CPT II Codes in the care gap closure for payers. CPT II Comprehensive Diabetes Care HEDIS Measure codes are a new version of Current Hgb A1c (83036, 83037) Procedural Terminology (CPT) codes that are used to assess Healthcare CPT II 3044F Hgb A1c < 7.0 Effectiveness Data and Information 3045F Hgb A1c 7.0-9.0 Set (HEDIS) and Star rating scores. 3046F Hgb A1c > 9.0 As always, Orchard Software is listening to its customers’ needs and has added Neuropathy Screening Codes (82042, 82043, 82044, 84156) functionality in its systems to support CPT II 3060F Positive microalbuminuria; result documented and reviewed the addition of CPT II codes. 3061F Negative microalbuminuria; result documented and reviewed HEDIS & Star Ratings 4010F ACE Inhibitor or ARB therapy prescribed or being taken Influence Reimbursements Figure 1 HEDIS is a set of standardized peformance measures developed by the National Committee They are improved by: for Quality Assurance (NCQA) that is used to measure and • encouraging patients to have preventive health visits, compare quality across health insurance plans. The Centers screenings, and tests for Medicare & Medicaid Services’ (CMS) Five-Star Quality • educating patients about medication adherence and Rating System is used to measure the quality of care for side effects Medicare Advantage (MA) and Prescription Drug Plan • reaching out to patients who are non-compliant (Part D) beneficiaries. Both HEDIS and Star ratings affect healthcare organization reimbursements.
    [Show full text]