You must be referring to the wallet hash of a password (and not encrypted private keys, which do use AES256CBC), which looks similar to this:


Hashing a password in a wallet.dat is done using PBKDF2, and the SHA512 is merely a hash function used on a chunk of data within the many HMAC functions invoked in the PBKDF2 hash. So, you are not looking for a SHA512 hash, you want the PBKDF2 hash, which looks like the one I quoted above.

This hash can be obtained using the script bitcoin2john.py which is available on Github at https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/bitcoin2john.py .