There are a couple ways to go about finding the files that are infected. First you should install the TAC (Theme Authenticity Checker) wordpress plugin. This will tell you if there is any static links on your site and where they can be found.
I'm not to familiar with this malware attack, but from what I can gather off of a quick G search, it uses a static link to redirect to a malware site to install malware etc etc...
TAC should tell you where this redirect link is.
Also, there is a plugin that allows you to find base64 encoding that might be on your php files. I forget the name of the plug but a quick G search should allow you to find many that allow you to search for base64. It could be malicious and it could not. It's always good to check.
Hope I helped out somewhat!