Err confusing terminology.
The lifespan of a cookie can be set in two way: either "until the user closes their browser" or "until <such-and-such a date and time>". I though the first of these was called a session cookie, but I may be wrong.
But, that sort of 'session cookie' is different from the cookie that Moodle (or in general PHP) uses to keep track of the fact that you are logged in, and have a PHP session on the server. That cookie can either last until you close your browser (or log out) like in Moodle. Or it can last until a certain time (like on Moodle docs and systems like that when you tick "remember my logon on this computer" box as you log in.)