Shame. I find that odd since it literally just "moves" the file, I see no delete function in the source.
I took a bit further look, and it never stores the public key on your system. It sends your computer name ("My-PC" or whatever) to the server, which only uses that to store it in the database with a totally random private 2048-bit RSA key. The public key is spit back to the malware, which simply holds it in memory to encrypt the encryption key, which is sent back to the server and stored in the database (assigned to your computer name, which once again could collide with another user's computer name very easily). The password for your files is a 32-character password randomly generated string, which is only ever sent to the server encrypted. The file itself contains no data, the entire thing is encrypted with no "header", and the ransom note has nothing to uniquely identify you; only your computer name.
Seems like a mishap for grand-scale operations on their end, as you would not be able to decrypt the data if the user formats the computer or simply re-names their computer.
I have only two ideas.
1. If network activity was captured during the infection time, we'd have the encrypted keys that would need to be cracked (I think one is RSA, so there would be "some" chance in time), but this is very unlikely unless you are recording with Wireshark all the time randomly... even if a firewall caught the URL and such out-bound, the data is sent with POST, so it wouldn't be usually saved easily.
2. Brute-force. I'm crunching numbers to see if this would be feasible. I see something that makes me think it is, but it's so easy to not realize how off the odds are when you're dealing with huge numbers (read: I'm still learning, lol).
As an aside, how did you find that Pastebin page with the source? Was it just by searching the ".magic", and we're assuming this is the exact same source as what hit you? Or was it left behind on the system and you posted it there?