I am trying to choose a mode of operation for encryption which does has the lowest malleability
Well, Format Preserving Encryption modes of operation gives ideal malleability resistance (for modes that never give an 'authentication failure' output); any arbitrary change in the ciphertext (be it a single bit flip of the last bit in the ciphertext, reordering blocks or something more drastic) will always result in a completely unpredictable (garbled) plaintext on decryption [1]. If you want to go this route, I suggest you look at the FF1 mode from this document.
BTW: is there a specific reason you don't want to do message authentication? Any decent AEAD mode of operation gives even better guarantees. The only valid reason I can think of is 'the ciphertext must be precisely as long as the plaintext'...
[1]: The obvious exception is if the attacker replaces the ciphertext with a previously generated valid ciphertext. This can be handled by including a tweak that varies by message (e.g. it's a sequence number which is validated as always incrementing by the receiver); the result of the decryption depends on the tweak, and hence preserves this 'complete nonmaleability' property.