Yikes, hate those stupid automated hackers.
The nav-menu.php file is actually a core WordPress file.
GeneratePress displays the navigation using the core WordPress function wp_nav_menu() as it should. We’re not doing anything special or custom when it comes to the navigation/nav-menu.php file – no walkers or anything – so I doubt the issue is coming from the theme itself.
You may want to look at the plugins you have installed, and make sure everything is up to date.
In my experience, websites getting hacked usually come down to the hosting security itself. For example, GoDaddy shared hosting frequently gets hacked (or it did, not sure about anymore).
If you find anything out that relates to GP, definitely let me know.
Hope you get it all sorted out – I’m here if you have any questions or concerns 🙂