Can DirtyCow be used to access SSH directly?

If there is an SSH level exploit, like a few years ago, hosts.deny will not do anything. It is better to firewall on SSH to select IP addresses than to use hosts.deny.

Having said that, what is the syntax of your hosts.deny? It should be: "sshd: IP: deny". However, at this point, I would start a new backup from backups, but during a new installation, and I would only restore data, not the system as a whole.