The private key of your wallet (a 256-bit number) is symmetrically encrypted with a random master key and that master key is subsequently encrypted with the user-defined password.
The reason why your hashes are different for the same password is because the random
master key, random
salt and random
number of iteration is used for every attempt.
The hash you showed has the strict structure. Let me show what does mean each line from your first example (hope this will help you):
$bitcoin
// coin name (could be also litecoin, as the example)$64
// len of cry_master - master private key$9baaabed8bde61f4da580ff22905fd2dab69b6193bb365f0fdfbc540ff9f20fc
// master private key - encrypted_key from wallet.dat$16
// len of salt$9d4164a034dfdb82
// cry_salt - salt from wallet.dat$307949
// cry_rounds - number of rounds, nDerivationIterations from wallet.dat$96
// len of encrypted_privkey$0497430f102ff66a1556910eb9b9f3277cc38f437fb79f1d78345c770ac918cba04e48e785e29cc169a4e3c0b88b39f5
// ckey - encrypted_privkey from wallet.dat$66
// len of public key$03fff614df1bd468aa061bec32eff7b14c42a0a3d0df7d984a7b74a30a99f0ec87
// public key - pubkey from wallet.dayFor more details, you can also examine the tool called bitcoin2john.py - this tool extracts hashes from bitcoin wallet.dat
Sample bitcion2john.py code is here:
https://github.com/sirrushoo/python/blob/master/bitcoin2john.pyPS. This type of hash from wallet.dat also is suitable for hashcat (-m 11300 mode). Have a look at it too in order to understand more.