
Abstract

Software with a great deal of structured entropy may be vacillating between native code, encrypted and compressed segments, and padding. Our analysis finds that software with highly structured entropy, compared to software with less structure, can be an indicator of maliciousness. In addition, we show how this notion of highly structured entropy can be coupled with a machine learning approach for automated detection of malware.
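To make the idea of entropy that moves between padding, native code, and compressed or encrypted segments concrete, the sketch below is an added example and not the authors' method or code. The window size, the band thresholds, the transition count used as a structure score, and the constructed sample buffers are all assumptions made for illustration.

```python
import math
import random
from collections import Counter

CHUNK = 256                                # assumed window size, in bytes
CODE_ALPHABET = bytes(range(0x40, 0x60))   # constructed stand-in for code-like bytes

def chunk_entropies(data, chunk=CHUNK):
    """Shannon entropy (bits per byte, 0..8) of each full fixed-size chunk."""
    result = []
    for start in range(0, len(data) - chunk + 1, chunk):
        counts = Counter(data[start:start + chunk])
        result.append(-sum(c / chunk * math.log2(c / chunk) for c in counts.values()))
    return result

def band(h):
    """Assumed coarse bands: padding-like, code-like, compressed/encrypted-like."""
    if h < 1.0:
        return "low"
    return "mid" if h < 6.5 else "high"

def band_transitions(entropies):
    """Count band changes between consecutive chunks (a crude structure score)."""
    bands = [band(h) for h in entropies]
    return sum(a != b for a, b in zip(bands, bands[1:]))

def make_sample(layout, seed=0):
    """Build a constructed buffer from (kind, chunk_count) segments."""
    rng = random.Random(seed)
    gen = {
        "pad": lambda n: bytes(n),
        "code": lambda n: bytes(rng.choice(CODE_ALPHABET) for _ in range(n)),
        "packed": lambda n: bytes(rng.randrange(256) for _ in range(n)),
    }
    return b"".join(gen[kind](CHUNK * count) for kind, count in layout)

FLAT = [("code", 12)]
STRUCTURED = [("code", 2), ("pad", 1), ("packed", 3), ("pad", 1),
              ("code", 2), ("packed", 2), ("pad", 1)]

def score(layout):
    return band_transitions(chunk_entropies(make_sample(layout)))

if __name__ == "__main__":
    for name, layout in (("flat", FLAT), ("structured", STRUCTURED)):
        profile = chunk_entropies(make_sample(layout))
        print(name, [round(h, 2) for h in profile], "transitions:", band_transitions(profile))
```

A score like this is one candidate input feature for the kind of classifier the abstract mentions; on its own it does not separate malicious from benign files.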