Thanks for everyones input! I still never found the exact code or even which file contained it. But my hosting provider replaced my files with a backup from the day before and it remedied it.
Airlias: The filler image was replaced by the hacker's content but was back up when I fixed it.
fldtrace: Those were my first choices too! I also tried my header.php, functions.php, footer.php, wp-config.php and my htaccess but didn't see anything out of the ordinary.
PBP_Editor: That sounds very useful!! I tried searching through my files manually for scripts and iframes and a few other key phrases that I was told to look for but couldn't find a thing. That plugin would have saved me some time for sure!
I have since taken some steps to (hopefully) make it harder for someone to hack my site:
1. I have chosen a much better password (letters+numbers+uppercase+lowercase)
2. I am using the 'Chap Secure Login' plugin
3. I am using the 'Login Lockdown' plugin
4. I have removed the WordPress version meta tag
5. I have hidden my plugins folder by adding a blank index.php inside
6. All plugins and wordpress is current
7. I renamed the administration account
If there are any other ways to make it more secure, I'd love to know them!