My Wordpress website got infected. The code was heavily obfuscated, so this may not be the exact representation.
The first code was inserted at the beginning of many important PHP files (index, config, settings) and it actually includes a ~10KB *.ICO files that got deleted, and is probably some malicious executable file.
There are also two other codes (in numerous versions in many folders), which I'm pasting down. If someone recognizes these, or can see what should these do, it would be interesting to know what these actually do.
[removed]
And the second code is:
[removed]