iRamDisk is a nice application that spares you having to use hdutil to create a RAM disk. It features as shareware (also known as payware) and has the regular time-bomb mechanism that makes the application expire after some time.

Searching the symbols for expired, around 0x1000018d8 we find a method called continueApplicationDidFinishLaunching which contains a time-bomb around address 0x1000022bf:

                                       ; Basic Block Input Regs: rax rbp -  Killed Regs: rbx rsi rdi
00000001000022bf 488B35C2270300                  mov        rsi, qword [ds:objc_sel_isExpiredDemo] ; @selector(isExpiredDemo)
00000001000022c6 488B9D58FFFFFF                  mov        rbx, qword [ss:rbp-0x140+var_152]
00000001000022cd 4889DF                          mov        rdi, rbx
00000001000022d0 FF1532CE0200                    call       qword [ds:imp___got__objc_msgSend]
00000001000022d6 3C01                            cmp        al, 0x1
00000001000022d8 0F85EE010000                    jne        0x1000024CC
                                       ; Basic Block Input Regs: rax rbx r8 r12 -  Killed Regs: rax rcx rdx rbx rbp rsi rdi r8 r12 r13 r14 r15
00000001000022de 48899D58FFFFFF                  mov        qword [ss:rbp-0x140+var_152], rbx
00000001000022e5 4C8B357C390300                  mov        r14, qword [ds:bind__OBJC_CLASS_$_NSString]
00000001000022ec 488B356D260300                  mov        rsi, qword [ds:objc_sel_mainBundle] ; @selector(mainBundle)
00000001000022f3 488B3D76390300                  mov        rdi, qword [ds:bind__OBJC_CLASS_$_NSBundle]
00000001000022fa 4C8B3D07CE0200                  mov        r15, qword [ds:imp___got__objc_msgSend]
0000000100002301 41FFD7                          call       r15
0000000100002304 4889C7                          mov        rdi, rax
0000000100002307 E8DE090200                      call       imp___stubs__objc_retainAutoreleasedReturnValue
000000010000230c 48898538FFFFFF                  mov        qword [ss:rbp-0x140+var_120], rax
0000000100002313 488B354E260300                  mov        rsi, qword [ds:objc_sel_localizedStringForKey_value_table_] ; @selector(localizedStringForKey:value:table:)
000000010000231a 488D1517450300                  lea        rdx, qword [ds:cfstring____is_a_Shareware] ; @"%@ is a Shareware"
 
...
 
000000010000245f 488D1552440300                  lea        rdx, qword [ds:cfstring_Your_trial_version_of____has_expired_] ; @"Your trial version of %@ has expired!"

The second time-bomb is at 0x100003fe0:

0000000100003fe0 488B3581090300                  mov        rsi, qword [ds:objc_sel_localizedStringForKey_value_table_] ; @selector(localizedStringForKey:value:table:)
0000000100003fe7 4180FE01                        cmp        r14L, 0x1
0000000100003feb 7509                            jne        0x100003FF6
                                       ; Basic Block Input Regs: <nothing> -  Killed Regs: rdx
0000000100003fed 488D15242B0300                  lea        rdx, qword [ds:cfstring_Trial_Version_Has_Expired] ; @"Trial Version Has Expired"
0000000100003ff4 EB07                            jmp        0x100003FFD
                                       ; Basic Block Input Regs: <nothing> -  Killed Regs: rdx
0000000100003ff6 488D153B2B0300                  lea        rdx, qword [ds:cfstring_Trial_Version] ; @"Trial Version" XREF=0x100003feb
                                       ; Basic Block Input Regs: rbx -  Killed Regs: rcx rdi r8
0000000100003ffd 488D0D94260300                  lea        rcx, qword [ds:cfstring_]     ; @"" XREF=0x100003ff4
0000000100004004 4C8D05CD2A0300                  lea        r8, qword [ds:cfstring_THRamDiskLocalizable] ; @"THRamDiskLocalizable"

which is more interesting than the previous one: the first jump the application does, jumps to labeling the application as a "Trial Version". If that jump does not occur, then the application set the application as being expired. In that case, we jump directly to the "Trial Version" because are happy enough with a never expiring trial.

There are no other protections.