Both Android and Java malware, delivered via ZIP-based packages, have reached high volumes in the wild, and continue to grow at a rapid rate. In his VB2014 paper, Gregory Panakkal explores the ZIP file format, focusing specifically on APK files as handled by the Android OS. He also explores new malformations that can be applied to APK files to break typical AV engine unarchiving, thus bypassing content scanning, while keeping the APK valid for the Android OS.
more here........https://www.virusbtn.com/virusbulletin/archive/2015/03/vb201503-ZIP
more here........https://www.virusbtn.com/virusbulletin/archive/2015/03/vb201503-ZIP