The malicious MSBuild project used by cybercriminals in recent attacks was designed to compile and execute specific C# code that in turn decodes and executes Cobalt Strike.