A software implementation is one running on a standard CPU or microprocessor, that executes mostly sequentially simple general instructions not dedicated to cryptography. The cryptographic algorithm is expressed as such instructions, perhaps after compilation from a less low level language, like C.
A hardware implementation runs on something else. That could be an ASIC, an FPGA. Nowadays that's often a dedicated area of a larger Integrated Circuit; e.g. a typical bank Smart Card includes dedicated hardware for 3DES, AES, RSA or/and Elliptic Curve Cryptography. Nowadays, the cryptographic algorithm is typically translated into a design expressed in some Hardware Description Language such as VHDL, then compiled into a silicon design or the configuration of an FPGA.
Hardware implementations are potentially orders of magnitude faster or/and less power-hungry than software ones, for the same algorithm. An extreme example of that is bitcoin miners, which boast efficiencies like 18⋅10-12 Joule per SHA-256. On the other hand, hardware implementations are much more complex to design. There are middle grounds, e.g. modern CPUs often include instructions that perform some step of a larger cryptographic algorithm, like AES-NI or SHA-256 extensions, with matching dedicated circuitry on the CPU die; and GPUs.
Hardware implementations generally can't be modified on the field (that's impossible for silicon). Such field changes are typically easier for software implementations (both for legitimate users and adversaries). There are exceptions: many FPGAs can be reprogrammed (sometime routinely, like at every system reset); an ASIC can be reconfigurable, within designed-in limits; software can be in ROM, thus immutable.
