weired issue with John brute force

[phocean]

Hi all,

I am having a weired issue with John the ripper or maybe the issue is the dumped hash itself.

The hash I get with fgdump looks like that :
phocean:04A23****************63B71A0:domain.com

I thought it was weired because usually the hash is supposed to look like that :
phocean:500:B267************B51404EE:36AA********* ****2A31C3FC:::

Anyway, I tried to brute force it the hard way (standard rules) :
$ ./john hash.txt

John just ends without finding the password.
It is weired because it is supposed to find it. The hash seems valid, John doesn't complain.

To make sure, and because I know the password, I tried with a dictionary attack with a file containing my password and... it worked !

So :
- the hash seems valid and a dictionnary attack succeeds
- John fails on brute forcing this particular hash (it worked with some different hashes)

I just can't understand what is going wrong. Has anyone ever had such an issue ? Or seen this kind of hash ?

[Liuser]

phocean - it is a cache password. Use JTR flag: --format=mscash

[phocean]

Thank you for your answer, I will try that.
I see those hashes are salted and it explains well why it failed.
However is there any logical explanation that the dictionary attack works straight forward ?