Abstract— Ransomware is a significant cybersecurity threat that encrypts sensitive data or locks users out of systems, demanding payment for recovery. It mainly targets organizations dealing with personal, financial, or intellectual properties. Detecting ransomware is challenging due to its evolving techniques. This study proposes hybrid models that combine deep learning–based feature extraction architectures, including Convolutional Neural Networks (CNN) and Recurrent Neural Networks (RNN), with machine learning classifiers, including Random Forest (RF), K-Nearest Neighbors (KNN), and Support Vector Machine (SVM). Experiments conducted using a dataset of more than 26,548 gray-scale images show that the hybrid models outperform standalone machine learning and deep learning approaches. Notably, the CNN–RF hybrid model achieved the highest accuracy, with 97.39% for binary classification and 94.32% for multi-class classification. These results highlight the potential of hybrid models to strengthen ransomware detection and enhance overall cybersecurity.