Ransomware continues to pose a significant threat to the security of Windows systems, as its rapidly evolving nature enables attackers to bypass traditional signature-based detection methods. The use of opcode-based features, combined with K-Nearest Neighbors (KNN) classification, offers a novel and effective approach to identifying ransomware by analyzing the low-level behavior of executables rather than relying solely on external characteristics. Through extracting opcode sequences from both ransomware and benign Windows executables, and converting them into high-dimensional feature vectors, the method captures behavioral distinctions that facilitate accurate classification. The study demonstrates that feature selection techniques, such as Chi-Square and Information Gain, not only improve computational efficiency but also maintain the model's detection accuracy, significantly enhancing the practicality of deploying machine learning models in real-world cybersecurity environments. Comparative evaluations show that KNN performs competitively with other machine learning approaches, making it a suitable choice for detecting ransomware while balancing efficiency and accuracy. The results emphasize the importance of opcode-based analysis in providing deeper insights into executable behavior, offering robust defense mechanisms against ransomware attacks.