RS-FEDRAD: Robust and Scalable Federated Ransomware Detection Using TTP-Enhanced Dataset


Chinonso E. Ali, Songfeng Lu, Francis A. Ruambo, Francelle Tchamini

Abstract

Ransomware continues to pose a significant challenge across cyberspace, with rising frequency and complexity threatening data integrity, availability, and confidentiality. Current detection methods often fail to address modern ransomware effectively because of inadequate feature sets and over-reliance on centralized architectures, which raise privacy and scalability concerns. We present RS-FEDRAD, a robust and scalable federated learning (FL)-based ransomware detection system that combines FL with deep dynamic analysis, using a novel Tactics, Techniques, and Procedures (TTP)-enhanced dataset to overcome these limitations. The approach first captures critical ransomware behavioral attributes, such as application programming interface (API) calls, dynamic link library (DLL) usage, and mutual exclusion (mutex) operations, and then maps them to the corresponding ransomware-related TTPs using the MITRE ATT&CK framework. Extensive experimental evaluation demonstrates the effectiveness of the framework against unknown black-box and known white-box attacks: a hybrid convolutional neural network (CNN) and long short-term memory (LSTM) model achieves an accuracy of 99.90% and an average federated accuracy of 99.50%. RS-FEDRAD offers a scalable, privacy-preserving solution that improves ransomware detection and, through its TTP-enhanced feature set, the understanding of attacker strategies, advancing ransomware mitigation with adaptive, decentralized, and robust security for today's rapidly evolving threat landscape.
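The feature-engineering step the abstract describes (capture API calls, DLL loads and mutex operations from dynamic analysis, then map them to ATT&CK techniques before feeding a CNN-LSTM) can be illustrated with a small, self-contained Python example. This is an added illustration, not the RS-FEDRAD code or the paper's dataset: the two sandbox reports are constructed, and the API-to-technique table is an assumption for the example (the technique IDs are real ATT&CK identifiers, but which calls the paper maps to which technique is not stated in the abstract). DLL and mutex names are kept as raw indicator features here rather than mapped to TTPs, which is a simplification of what the abstract describes.

```python
"""Map dynamic-analysis observables to MITRE ATT&CK techniques and build
both a fixed-width count vector (for a dense/CNN input) and a padded
technique sequence (for an LSTM input).

Added example, not the paper's code. Reports and the mapping table below
are constructed for illustration (assumption).
"""
from collections import Counter
from typing import Dict, List, Set

# Assumption: illustrative Win32 API -> ATT&CK technique mapping.
API_TO_TECHNIQUE: Dict[str, Set[str]] = {
    "CryptEncrypt": {"T1486"},              # Data Encrypted for Impact
    "CryptGenKey": {"T1486"},
    "FindFirstFileW": {"T1083"},            # File and Directory Discovery
    "FindNextFileW": {"T1083"},
    "DeleteFileW": {"T1070.004"},           # Indicator Removal: File Deletion
    "CreateProcessW": {"T1106"},            # Native API
    "CreateToolhelp32Snapshot": {"T1057"},  # Process Discovery
    "ControlService": {"T1489"},            # Service Stop
    "GetVolumeInformationW": {"T1082"},     # System Information Discovery
}

# Fixed vocabularies give every client the same feature layout, which a
# federated setup needs so that model weights can be averaged.
TECHNIQUE_VOCAB: List[str] = sorted({t for ts in API_TO_TECHNIQUE.values() for t in ts})
DLL_VOCAB: List[str] = ["advapi32.dll", "crypt32.dll", "kernel32.dll", "user32.dll"]
MUTEX_VOCAB: List[str] = ["Global\\constructed-example-mutex"]

# Constructed sandbox reports (not real samples).
SAMPLE_RANSOMWARE = {
    "api_calls": ["FindFirstFileW", "FindNextFileW", "FindNextFileW", "CryptGenKey",
                  "CryptEncrypt", "CryptEncrypt", "DeleteFileW", "CreateProcessW"],
    "dlls": ["kernel32.dll", "advapi32.dll", "crypt32.dll"],
    "mutexes": ["Global\\constructed-example-mutex"],
}
SAMPLE_BENIGN = {
    "api_calls": ["FindFirstFileW", "ReadFile", "WriteFile", "CloseHandle"],
    "dlls": ["kernel32.dll", "user32.dll"],
    "mutexes": [],
}


def map_to_techniques(report: dict) -> Dict[str, int]:
    """Count how many observed API calls fall under each ATT&CK technique."""
    counts: Counter = Counter()
    for api in report["api_calls"]:
        for technique in API_TO_TECHNIQUE.get(api, ()):
            counts[technique] += 1
    return dict(counts)


def unmapped_apis(report: dict) -> Set[str]:
    """APIs with no TTP mapping: a vocabulary gap the analyst should review."""
    return {api for api in report["api_calls"] if api not in API_TO_TECHNIQUE}


def feature_vector(report: dict) -> List[int]:
    """Technique counts followed by one-hot DLL and mutex indicators."""
    techs = map_to_techniques(report)
    vec = [techs.get(t, 0) for t in TECHNIQUE_VOCAB]
    dlls = {d.lower() for d in report["dlls"]}
    vec += [1 if d in dlls else 0 for d in DLL_VOCAB]
    mutexes = set(report["mutexes"])
    vec += [1 if m in mutexes else 0 for m in MUTEX_VOCAB]
    return vec


def technique_sequence(report: dict, max_len: int = 10) -> List[int]:
    """Order-preserving technique IDs (index+1, 0 = padding) for an LSTM.
    Unmapped calls are skipped; longer traces are truncated."""
    index = {t: i + 1 for i, t in enumerate(TECHNIQUE_VOCAB)}
    seq: List[int] = []
    for api in report["api_calls"]:
        for technique in sorted(API_TO_TECHNIQUE.get(api, ())):
            seq.append(index[technique])
    seq = seq[:max_len]
    return seq + [0] * (max_len - len(seq))


if __name__ == "__main__":
    for name, rep in (("ransomware", SAMPLE_RANSOMWARE), ("benign", SAMPLE_BENIGN)):
        print(name, map_to_techniques(rep), feature_vector(rep), technique_sequence(rep))
        print("  unmapped:", sorted(unmapped_apis(rep)))
```

The `unmapped_apis` check matters in practice: a detector trained on TTP features is only as good as the coverage of the mapping table, and a high count of unmapped calls on new samples is an early signal that the feature set, not the model, needs updating.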
