You could also diff the binaries with the unmodified version. We did that at work once (on behalf of the publisher of the same software) and the cracked version was literally one byte different. Just to be sure, we also reverse-engineered that part of the code to see what the original vs. cracked logic did. No surprises, no malware, just skipping over the license check.