The Pincer family of Android malware is designed to hinder analysis. The IMEI, phone number, network provider, and phone model are being checked against default emulator values. Crafty, I was running a generic AVD (Android Virtual Device) at the time and got caught on all of these checks. I set out to patch these values in a hex editor to make it easier to change. Editing this value will change the AVD’s IMEi on reboot. The last four digits of the device’s number are the port number that the Pincers are running on the emulator’s console.”]
Source: https://blog.talosintelligence.com/2013/04/changing-imei-provider-model-and-phone.html

