IP Address Hosted on EC2 Hacked, <IP_address>/wp-admin showing Hacker Page, what should i do?

1. Stop the EC2 instance ( you can do this from the console. Do not terminate it yet)
2. Revoke any access keys the instance is using
3. Take a snapshot of the EBS volume
4. Terminate the Instance
5. Create a new volume from the snapshot
6. Create a new instance
7. Mount the newly created EBS volume to your new instance and monitor the logs

Hello.

Do you have any snapshots of EC2 etc. from before the hack occurred?
If you do not have a snapshot, you cannot restore your data on AWS.

Since wp-admin is easily used for attacks, we usually recommend installing a plugin that changes the URL.
I think you can use a plugin such as WPS Hide Login to change the URL.
https://wordpress.org/plugins/wps-hide-login/