  #3  
Old 01-04-2005, 14:03
Flagmax
 
Hi, I am still a learner myself, but I can tell you something I came across.
I don't think you can tell if it's using nanomites just by getting Access Violations. Armadillo itself makes a bunch of Access Violations, and it could also be because of a bad IAT. If you dumped correctly, then fixed the IAT and hit a CC when trying to run, then for sure it's using nanomites.
Also, here is what you can try to find the Dillo version:
In Olly, BP WriteProcessMemory, then F9, and count how many times FATHER breaks on WriteProcessMemory. If only two times, then the SON will unpack itself, so you must search for armVersion> inside the SON after it unpacks the dillo code. I check for it after I attach to the SON and run it. When Olly breaks on Privileged Instruction, this is the time I search for that string.
Hope that might help you.

Last edited by Flagmax; 01-04-2005 at 14:07.
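Added example (not part of the post above): a small Python scanner for the "armVersion>" marker the post tells you to search for, run over a raw memory dump of the SON process. The sample dump bytes are constructed, and the assumption that a printable ASCII run directly follows the marker is mine, not something the post states.

```python
import re

# Marker string named in the post; searched for inside the unpacked SON.
MARKER = b"armVersion>"

# Constructed sample dump: 16 zero bytes, some filler, the marker, a
# placeholder version text, then unrelated bytes. Not a real Armadillo dump.
SAMPLE_DUMP = (b"\x00" * 16 + b"junk\x90\x90"
               + b"armVersion>CONSTRUCTED-VER\x00more\x00")


def find_arm_version(dump: bytes, max_len: int = 32):
    """Return (offset, text) for the first 'armVersion>' marker in dump,
    where text is the printable ASCII run that follows it (assumed format),
    or None when the marker is absent (e.g. dump taken too early)."""
    idx = dump.find(MARKER)
    if idx < 0:
        return None
    tail = dump[idx + len(MARKER):]
    m = re.match(rb"[\x20-\x7e]{1,%d}" % max_len, tail)
    text = m.group(0).decode("ascii") if m else ""
    return idx, text


def find_all_arm_versions(dump: bytes):
    """Collect every marker hit; more than one hit usually means the string
    also survives in the packer stub, so compare them before trusting one."""
    hits = []
    pos = 0
    while True:
        found = find_arm_version(dump[pos:])
        if found is None:
            return hits
        off, text = found
        hits.append((pos + off, text))
        pos += off + len(MARKER)


if __name__ == "__main__":
    print(find_arm_version(SAMPLE_DUMP))
    print(find_all_arm_versions(SAMPLE_DUMP))
```

Dump the SON from Olly at the point the post describes (after the Privileged Instruction break) and feed that file's bytes to find_arm_version.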