hashcat doesn't open the wallet... all it does is "hash" password combinations and compare to the "hash" you already have. If it finds a match, it tells you.

Depending on how corrupt the file is, you'll either get incorrect password or invalid file messages.

I know my Python multibit recovery scripts will often know if the password on a "corrupt" .key file is incorrect... but if the correct password is supplied it will spit out garbage data instead of the private keys etc... This is because the .key files are just encrypted "text" files. I've tested this by overwriting a few random characters of an encrypted ".key" files and then running the script.

.wallet file corruption is a bit different... the file format is a lot more sensitive to corruption as it is a "protobuf" binary file... so any corruption will generally mean that it is not able to be deserialised properly and the script will just crash with a "not a wallet file"-type error.

Same with the .wallet.cipher files... it'll generally know if the password to the file encryption is "OK", but then because the "protobuf" is damaged, it'll crash the script.