YOu need to do a full cleanup of your site, including
- changing all credentials (hosting, FTP, admin users)
- updating everything (WP, themes, plugins); perhaps even installing via FTP
- check every file for inserted code: index.php, wp-settings.php, wp-config.php
- change credentials on the database (strong passwords!)
- look at htaccess file, and any hidden files.
My procedure is here: https://www.securitydawg.com/recovering-from-a-hacked-wordpress-site/ . ANd there are some other articles to get rid of that particular one, but my procedure is a good start.
Good luck!