Ransomware attacks in recent years have proved expensive due to significant damages and obstructions these caused in various sectors such as health, insurance, business, and education. Several malware detection methods have been proposed to uncover different malware families, but the problem remained unsolved due to the continuously evolving malware. In this work, we proposed a multi-level big data mining framework combining Reverse engineering, Natural Language Processing(NLP) and Machine Learning(ML) approaches. The framework analyzes the ransomware at different levels (i.e., Dynamic link library, function call and assembly instruction level) via different supervised ML algorithms. Apache Spark was employed for faster processing of large generated feature set. Portable Executable (PE) parser and Objectdump tool of Linux system were used to get the raw data from the ransomware and normal binaries that were processed further using our custom-built NLP processing. The n-gram probabilities, term-frequency and inverse document frequency (TF-IDF) were used to generate the final feature sets. Experiments were performed with different ‘N’ values of n-gram language model that shows that the ransomware detection accuracy is inversely proportional to the value of N. Among the five chosen supervised classifiers, Logistic regression outperformed others with a detection rate of 98.59% for generated TF-IDFs trigrams at combined multi-level, which is an improved accuracy compared to individual levels.