I would agree that there is a strong possibility of a hacked site with that code. The @file_put_contents statement is trying to write to your wp-admin folder. That’s not good.
So I would recommend a de-hacking inspection. If you think your site got hacked, there are several (many) things you must do to ‘de-hack’ it. Including:
- changing all passwords (WP admins, FTP, hosting, database)
- reinstalling WP (via the Updates page) and then reinstalling all themes (from the repository) and plugins manually.
- checking for unknown files (via your hosting File Manager; if you sort by date, invalid ones should stick out because you updated everything).
There are lots of help in the googles on how to de-hack a site. I wrote a set of procedures that I use. It can be done, though, just takes a bit of work.