Ransomware is one of the most pervasive cyber threats, capable of causing widespread disruption by encrypting critical data and demanding ransom payments. Detecting zeroday ransomware, which exploits unknown vulnerabilities, remains a significant challenge due to its ability to evade traditional detection mechanisms. A novel approach to addressing this challenge was explored through the application of assembly language bytecode analysis combined with a Random Forest classifier, enabling the identification of ransomware based on its underlying operational patterns rather than relying on predefined signatures. Through feature extraction from opcode sequences, instruction frequencies, and control flow structures, the classifier demonstrated high precision and recall, effectively distinguishing between benign and malicious executables even in the presence of unseen ransomware samples. The model's feature importance analysis further enhanced understanding of ransomware behavior at a granular level, revealing which bytecode characteristics were most indicative of ransomware activity. The proposed method exhibited strong generalizability to zero-day variants while maintaining computational efficiency, providing a scalable solution for real-time ransomware detection in diverse environments.