Bad logic is bad.
I'm no switch-scientist here but based on the SwitchBrew article about the NCA format, it might be possible to inject bad data via a modified NCA file. Which is why I'm calling C2C suspect.
And either way, even you admit that 25E looks more legit given it doesn't have a fuckton of extra useless data.
You can inject as many brickers as you want into (non-file system portions of a) NCA. They will just sit there, dormant, as they are not being invoked by a modified exefs or are in the romfs, replacing executable contents the main executable already invokes.
Modified exefs = not great. Though that does not automatically mean malware. Reverse the executable before saying one way or another.
Modified romfs = not great. Check the changes, make sure they aren't executable content.
NCAs looking weird = meaningless. If the data is not in the actual file system, the game will 100% not invoke it. And the data in question is just random nonsense, not any distinct executable content - let alone malicious executable content.
You're doing politics again. I'm talking about technical fact. You're talking about which MD5 is better. I'm educating you. Stop calling something suspect. Do the actual work of understanding the technical facts at hand. If you suspect malware, fire up IDA and reverse your malicious executable. If you do not have a malicious executable, do not have a secret file system, just have random data appended to some NCAs, you have nothing.
It is not possible - it is *
not possible* - for an unmodified executable and unmodified game content (romfs) to invoke code located in a place that said executable was never programmed to read from, to execute code from. That's just so far from how things work that it is more humorous than anything else.
You would have signs of tampering with the executable (or an executable of some sort stored in romFS for some reason, one or the other) and comparing to a clean version (which we have) would reveal all. Because nothing malicious is actually afoot, you have paranoid nonsense.