This post covers an incident response analysis of a malicious MSBuild in-line task file containing an embedded Cobalt Strike beacon DLL, including the method used to extract and statically analyze the payload.