I don’t think this was mining malware, I think it was just the wallet address. Twitter has been (badly) playing a cat-and-mouse game with a Cryptocurrency version of a classic 419 scam (i.e. send me money so I can send you back more). Twitter has been fighting it by flagging tweets that post wallet IDs, so the scammers have been finding other ways to obfuscate the wallet IDs, like this.
