The following data is sent once a day to Malwarebytes: program version, os version, os architecture (x64, x86), os language (english, german, etc), filesystem (ntfs, fat32), process run as administrator or not, computer is joined into a domain or not, machine id. No personal data is collected. These are used for statistics data to see how many users of WFC exist. Depending on the number of existing users, WFC will continue to receive new features or not. A reduced number of installations will probably stop the development of WFC, a large number will probably continue the development.
mbcut(32).dlls are used to generate a unique machine id based on os architecture. These are the same in any Malwarebytes products. Newtonsoft.Json.dll is used to create the JSON data which is sent to Malwarebytes servers.
Note: This data is sent if Windows Firewall has outbound filtering disabled (Low Filtering or No Filtering profile is used) or if there is an allow rule for wfc.exe and outbound filtering is enabled (Medium Filtering profile). In case it can't send the data if will fail silently without making nasty stuff. You can check this through Connections Log where all connections (allowed or blocked) are anyway logged. Keep in mind that if everyone will block this, it may lead to the decision of not investing anymore in WFC because there are not enough users to keep supporting it.