Even if they do, the per-file keys must be algorithmically-derived from the master key. (Otherwise, how can it unencrypt the files after you pay the ransom?)