This type of attack makes it more difficult to tell if you are a victim, once you have taken control as mentioned, the criminals can erase their tracks leaving a well-hidden backdoor and modifications to module files or the CMS core. The dynamics are similar to the vulnerability affecting PHPUnit (CVE-2017-9841). In this specific case, not finding the blm.php file in the root or in the logs is no guarantee of security that you have not already been hacked.
So yes a check you can do it, but I recommend checking the recently modified or added files, which is possible to do via SSH. A very useful thing is to check if there is any encrypted or encoded code, for example in base64: whose presence is always suspicious. Keep in mind that for modules purchased on Prestashop Addons it is forbidden to use these systems, so a module that uses them would not be present in the catalog.
Some tools present on cPanel and Plesk can be very useful in identifying any infected files, for example ImunifyAV .
However, I remember the SSH access to your Hosting allows you to use the find command to get all the recently modified files, filtering them by extension, then looking for changes mainly to .php and .tpl files in the case of PrestaShop. There are also here Server side tools for cPanel and Plesk that allow you to monitor changes to certain files / folders.