Since you blocked the connection at your software firewall level, I'd say they didn't even get to the password stage. There are plenty of people/bots/scripts that scan ranges of addresses for open SSH, VNC, etc. I doubt it was anything targeted at you specifically.