To answer your question, you can find the original file in the WordPress Github repository.
However, when a WordPress website is hacked and has malware infected files it is recommended to reinstall the entire site with a clean install (without plugins), check the database for infected entries and change all (WordPress, database, etc) passwords.
When you have reinstalled the website you should check all plugins used if they have known security issues before enabling them again. Plugins are the most common cause of security flaws, and should preferably be kept up to date.
You can make it easier for yourself (and your client) by configuring automatic background updates in your wp-config.php file.
I’d also advise reading some guides on WordPress security.