
A Static Malware Detection Approach Based on Vectorized Binary Semantic Representation

Advisor: 雷欽隆

Abstract

Malicious binaries have caused both data and monetary loss, and their number is still increasing rapidly. Faced with a large volume of unknown attack binaries, security analysts must quickly identify the malicious parts and report the critical behaviors within them. Because manual analysis is slow and inefficient, we believe an automated approach for identifying essential functions in binaries is the key to accelerating the analysis process. This study proposes a malware detection system that differentiates malicious binaries from benign ones. At the same time, by leveraging call-graph-based function embeddings and graph neural networks, the proposed system further identifies essential functions in binaries and visualizes the call relationships between the parts involved. We evaluate the proposed system on executable binaries for the Windows operating system, which has the largest market share and the most malware binaries. The evaluation results show that our system achieves detection performance comparable to state-of-the-art malware detection models (97.0% accuracy and 97.6% recall). Moreover, it gives an intuitive and easy-to-understand explanation of the model's predictions by visualizing and correlating essential functions.

