Re: There was almost a standard here
"WinZip, starting with version 12.1, uses the extension .zipx for ZIP files that use compression methods newer than DEFLATE; specifically, methods BZip, LZMA, PPMd, Jpeg and Wavpack. The last 2 are applied to appropriate file types when "Best method" compression is selected.". It doesn't explain how clicking on that executed an autoextractor, but maybe I'm overthinking it and people actually did decompress it with a compatible archive program and manually launched the files within. It's a little weird how many people will go to rather extreme lengths to execute code that is so suspicious. Last year, El Reg posted an article describing a partially successful campaign requiring users to download a RAR file and then decrypt it just to open a PDF, which some people in engineering fields actually did.