Any hope?
Sure there is.
1. save your wp-config.php (youve already done that)
2. locate what version of wp you are using
3. once you have that, go here:
https://www.ads-software.com/download/release-archive/
and download the version you are using.
4. extract the files, locate wp-blog-header.php, and upload a fresh file out of the zip to your site.
5. login as admin, disable all your plugins, change the theme you are using to the default.
6. delete ALL the core WP files, except for that wp-config.php you saved…
7. go through the upgrade process.
—
you also need to audit your database for anything unusual, rogue users, unusual upload paths, plugins being loaded that you dont recognize, posts you didnt make, rogue content inside of posts you did make (continued after the comment below) …
^^ thats all stuff Ive seen done since Ive started cleaning out hacks for people.
… look for anything that looks out of the ordinary.
you also need to change all of your passwords (mysql, ftp, wordpress admin, etc..).
you also should look through whats left after you delete the core wp files to make sure there isnt anything malicious left over in those files.
If you have any other web apps running on that site, take a look at those files..
Thats a short list, Ive probably forgotten something, since Ive just woken up, but it’s a start.